Exploitdb Exploits
4,759 exploits tracked across all sources.
OpenFiler 2.3 - (Authentication Bypass) Remote Password Change
by nonroot
RealVNC 4.1.2 - 'vncviewer.exe' RFB Protocol Remote Code Execution (PoC)
by Andres Luksenberg
Spider Player 2.3.9.5 - '.asx' Off-by-One Crash
by Houssamix
smartsitecms 1.0 - SQL Injection via articles.php var Parameter
SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter.
by certaindeath
EPOLL SYSTEM 3.1 - 'Password.dat' Disclosure
by Pouya_Server
Sad Raven's Click Counter 1.0 - 'passwd.dat' File Disclosure
by Pouya_Server
EffectMatrix Total Video Player <1.31 - Buffer Overflow
Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\DefaultSkin\DefaultSkin.ini file with a large ColumnHeaderSpan value.
by His0k4
OtsTurntables 1.00.027 - '.ofl' Local Stack Overflow
by suN8Hclf
Oracle TimesTen - Remote Format String (PoC)
by Joxean Koret
VUPlayer 2.49 - '.asx' Universal Local Buffer Overflow
by Encrypt3d.M!nd
Nofeel FTP Server 3.6 - 'CWD' Remote Memory Consumption
by His0k4
Triologic Media Player <8.0.0.0 - Buffer Overflow
Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information.
by zAx
Triologic Media Player 8.0.0.0 - Buffer Overflow
Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by zAx
VUPlayer 2.49 - Remote Code Execution via Long ASF URI in ASX REF Element
Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers to execute arbitrary code via a long .asf URI in the HREF attribute of a REF element in a .asx file.
by His0k4
IntelliTamper (2.07/2.08) - Language Catalog Overflow (SEH)
by Cnaph
Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (5)
by suN8Hclf
Pirate Radio Destiny Media Player 1.61 - Stack-Based Buffer Overflow via .pls Playlist File
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
by His0k4
IntelliTamper <2.08 - Buffer Overflow
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file.
by His0k4
Winace 2.2 - Malformed Filename Remote Denial of Service
by cN4phux
IntelliTamper <2.08 - Buffer Overflow
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitrary code via a MAP file containing a long URL, possibly a related issue to CVE-2006-2494.
by Cnaph
BulletProof FTP Client <2.63 - Buffer Overflow
Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.
by His0k4
PSI < 0.12.1 - Remote Denial of Service and Possible Code Execution via SOCKS5 File Transfer Option
PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.
by Sha0
CoolPlayer 2.17-2.19 - Stack-based Buffer Overflow via PlaylistSkin in Skin File
Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 allows remote attackers to execute arbitrary code via a large PlaylistSkin value in a skin file.
by Encrypt3d.M!nd
Pligg CMS 9.9.5 Beta - SQL Injection
SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter.
by Ams
By Source