Exploitdb Exploits
1,269 exploits tracked across all sources.
Zend Framework <1.10.9, <1.11.6 - SQL Injection
SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.
by Anthony Ferrara
CVSS 9.8
osCommerce 2.3.1 - 'banner_manager.php' Arbitrary File Upload
by Number 7
Apache Portable Runtime < 1.4.3 - Resource Allocation Without Limits
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
by Maksymilian Arciemowicz
WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection
by Ma3sTr0-Dz
PHP <5.3.14, <5.4.4 - Buffer Overflow
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
by Alexander Gavrun
Php < 5.3.5 - Numeric Error
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
by Jose Carlos Norte
PHP <5.3.6 - DoS
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
by TorokAlpar
PHP <5.3.6 - DoS
The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.
by paulgao
WS Interactive Automne 4.1 - '/admin/upload-controler.php' Arbitrary File Upload
by AutoSec Tools
PHP <5.3.6 - Memory Corruption
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
by dovbysh
PHP <5.3.6 - Memory Corruption
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
by dovbysh
WordPress Plugin PHP Speedy 0.5.2 - 'admin_container.php' Remote Code Execution
by mr_me
WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload
by AutoSec Tools
libxml2 2.6.x - 'XMLWriter::writeAttribute()' Memory Leak Information Disclosure
by Kees Cook
Php - Numeric Error
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
by Rick Regan
TYPO3 <4.2.16, 4.3.9, 4.4.5 - Path Traversal
The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.
by ikki
Typo3 < 4.2.15 - Access Control
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors.
by ikki
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5099. Reason: This candidate is a duplicate of CVE-2010-5099. Notes: All CVE users should reference CVE-2010-5099 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by ikki
Microsoft Windows Fax Services Cover Page Editor <5.2 r2 - RCE
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information.
by rgod
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage
by Michael Brooks
By Source