Exploitdb Exploits

4,759 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-10010 EXPLOITDB CRITICAL python VERIFIED
QuickShare File Server 1.2.1 - Path Traversal
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement.
by modpr0be
EIP-2026-118594 EXPLOITDB python VERIFIED
FTPGetter 3.58.0.21 - 'PASV' Remote Buffer Overflow
by modpr0be
EIP-2026-116977 EXPLOITDB python VERIFIED
CodeBlocks 8.02 - 'cbp' Local Buffer Overflow
by sup3r
CVE-2011-10027 EXPLOITDB HIGH python VERIFIED
AOL Desktop < 9.6 - Stack-based Buffer Overflow via RTX Hyperlink Tag
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
by sup3r
EIP-2026-105099 EXPLOITDB python VERIFIED
All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection
by AutoSec Tools
EIP-2026-119121 EXPLOITDB python VERIFIED
SDP Downloader 2.3.0 - 'http_response' Remote Buffer Overflow
by sup3r
EIP-2026-118145 EXPLOITDB python VERIFIED
WM Downloader 3.1.2.2 2010.04.15 - '.m3u' File Buffer Overflow (DEP Bypass)
by sickness
EIP-2026-118065 EXPLOITDB python VERIFIED
Virtuosa Phoenix Edition 5.2 - ASX Buffer Overflow (SEH)
by Acidgen
CVE-2010-4709 EXPLOITDB python VERIFIED
Automated Solutions Modbus/TCP Master OPC Server < 3.0.2 - Heap-Based Buffer Overflow via Crafted MODBUS Response Packet
Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.
by Jeremy Brown
EIP-2026-115435 EXPLOITDB python VERIFIED
Inetserv 3.23 POP3 - Denial of Service
by dmnt
EIP-2026-115434 EXPLOITDB python VERIFIED
Inetserv 3.23 - SMTP Denial of Service
by G13
EIP-2026-115334 EXPLOITDB python VERIFIED
Golden FTP Server 4.70 - Malformed Message Denial of Service
by Craig Freyman
EIP-2026-102506 EXPLOITDB python VERIFIED
MeshCMS 3.5 - Remote Code Execution
by mr_me
EIP-2026-118295 EXPLOITDB python VERIFIED
Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)
by D.Elser
CVE-2011-0489 EXPLOITDB python VERIFIED
Objectivity/DB 10.0 - Unauthenticated Administrative Command Execution via Lock Server or Advanced Multithreaded Server
The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, obtain sensitive information, or cause a denial of service by sending requests over TCP to (1) the Lock Server or (2) the Advanced Multithreaded Server, as demonstrated by commands that are ordinarily sent by the (a) ookillls and (b) oostopams applications. NOTE: some of these details are obtained from third party information.
by Jeremy Brown
CVE-2011-0507 EXPLOITDB python VERIFIED
Blackmoon FTP Server 3.1 Build 1735-1736 - Denial of Service via PORT Command
FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
by Craig Freyman
CVE-2007-6515 EXPLOITDB python VERIFIED
SiteScape Forum - Remote Code Execution via TCL Code Separator in Query String
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
by Spencer McIntyre
CVE-2011-0498 EXPLOITDB python VERIFIED
Nokia Multimedia Player 1.00.55.5010 - Stack-Based Buffer Overflow via Playlist File
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
by Carlos Mario Penagos Hollmann
EIP-2026-119156 EXPLOITDB python VERIFIED
Solar FTP Server 2.1.1 - 'PASV' Remote Buffer Overflow
by John Leitch
CVE-2011-0518 EXPLOITDB python VERIFIED
LotusCMS Fraise 3.0 - Path Traversal and Arbitrary Local File Inclusion via System Parameter
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php.
by mr_me
CVE-2011-0406 EXPLOITDB python VERIFIED
WellinTech KingView 6.53 - Remote Code Execution via Long TCP Request to Port 777
Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.
by Dillon Beresford
EIP-2026-115465 EXPLOITDB python VERIFIED
IrfanView 4.28 - Multiple Denial of Service Vulnerabilities
by BraniX
EIP-2026-118105 EXPLOITDB python VERIFIED
Winamp 5.5.8 (in_mod plugin) - Local Stack Overflow (SEH)
by fdiskyou
CVE-2011-0500 EXPLOITDB python VERIFIED
VideoSpirit Lite and Pro <= 1.68 - Buffer Overflow via Project File valitem Attribute
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.
by xsploitedsec
CVE-2010-10016 EXPLOITDB CRITICAL python VERIFIED
BS.Player Free and Pro Editions < 2.57 (build 1051) - Buffer Overflow via M3U Playlist Import
BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client.
by C4SS!0 G0M3S