Exploitdb Exploits
4,733 exploits tracked across all sources.
GNU Bash <4.3 - DoS
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.
by fdiskyou
Joomla! Component com_macgallery 1.5 - Arbitrary File Download
by Claudio Viviani
Joomla! Component com_facegallery 1.0 - Multiple Vulnerabilities
by Claudio Viviani
Tribulant Tibulant Slideshow Gallery - Improper Input Validation
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/.
by Claudio Viviani
Joomla! Component Spider Contacts 1.3.6 - 'contacts_id' SQL Injection
by Claudio Viviani
Joomla! Component Spider Calendar 3.2.6 - SQL Injection
by Claudio Viviani
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5753. Reason: This candidate is a duplicate of CVE-2008-5753. Notes: All CVE users should reference CVE-2008-5753 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by Robert Kugler
LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)
by k3170makan
HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)
by mr.pr0n
HTML Help Workshop 1.4 - Buffer Overflow (SEH) (PoC)
by Moroccan Kingdom (MKD)
Nagios Remote Plugin Executor <2.15 - RCE
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments
by Claudio Viviani
Xrms Crm - SQL Injection
SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute arbitrary SQL commands via the user_id parameter to plugins/webform/new-form.php, which is not properly handled by plugins/useradmin/fingeruser.php.
by Benjamin Harris
Xrms Crm - SQL Injection
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
by Benjamin Harris
Plogger <1.0 RC1 - RCE
Unrestricted file upload vulnerability in plog-admin/plog-upload.php in Plogger 1.0 RC1 and earlier allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file and a non-zero length PNG file, then accessing the PHP file via a direct request to it in plog-content/uploads/archive/.
by b0z
Phpwiki - Code Injection
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
by Benjamin Harris
BlazeDVD Pro Player 7.0 - '.plf' Local Buffer Overflow (SEH)
by metacom
BlazeDVD Pro Player 7.0 - '.plf' Direct RET Local Stack Buffer Overflow
by Giovanni Bartolomucci
Symantec Endpoint Protection - Memory Corruption
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.
by ryujin & sickness
By Source