Exploitdb Exploits

2,689 exploits tracked across all sources.

EIP-2026-116807 EXPLOITDB ruby VERIFIED
Archive Searcher - '.zip' Local Stack Overflow
by Lincoln
CVE-2010-0955 EXPLOITDB ruby VERIFIED
Bild Flirt Community 2.0 - SQL Injection
SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
EIP-2026-108121 EXPLOITDB ruby VERIFIED
joelz bulletin board 0.9.9rc3 - Multiple SQL Injections
by Easy Laster
CVE-2010-1423 EXPLOITDB ruby VERIFIED
Java NPAPI/Deployment Toolkit <6-19 - Command Injection
Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2) -XXaltjvm argument to javaws.exe, which is processed by the launch method. NOTE: some of these details are obtained from third party information.
by Metasploit
EIP-2026-118045 EXPLOITDB ruby VERIFIED
VariCAD 2010-2.05 EN - '.DWB' Local Stack Buffer Overflow (Metasploit)
by Metasploit
CVE-2007-2446 EXPLOITDB ruby VERIFIED
Samba 3.0.0-3.0.25rc3 - Buffer Overflow
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).
by Metasploit
CVE-2007-2446 EXPLOITDB ruby VERIFIED
Samba 3.0.0-3.0.25rc3 - Buffer Overflow
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).
by Metasploit
CVE-2011-5165 EXPLOITDB ruby VERIFIED
Free MP3 CD Ripper <= 2.6 - Stack-based Buffer Overflow via Crafted WAV File
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
by Richard leahy
CVE-2000-0284 EXPLOITDB ruby VERIFIED
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
by Metasploit
EIP-2026-118215 EXPLOITDB ruby VERIFIED
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Buffer Overflow (Metasploit)
by blake
CVE-2009-4655 EXPLOITDB ruby VERIFIED
Novell eDirectory 8.8.5 - Info Disclosure
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
by Metasploit
CVE-2009-4006 EXPLOITDB ruby VERIFIED
RhinoSoft Serv-U <9.1.0.0 - Buffer Overflow
Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string.
by Metasploit
CVE-2010-0806 EXPLOITDB HIGH ruby VERIFIED
Microsoft Internet Explorer <7 - Use After Free
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."
by Trancer
CVSS 8.8
EIP-2026-118621 EXPLOITDB ruby VERIFIED
Green Dam - URL Processing Buffer Overflow (Metasploit)
by Metasploit
CVE-2010-20121 EXPLOITDB CRITICAL ruby VERIFIED
EasyFTP Server <= 1.7.0.11 - Unauthenticated Stack-based Buffer Overflow via CWD Command
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
by blake
CVSS 9.8
CVE-2010-0688 EXPLOITDB ruby VERIFIED
Orbital Viewer 1.04 - Buffer Overflow
Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.
by Metasploit
EIP-2026-101024 EXPLOITDB ruby VERIFIED
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow (Denial of Service) (PoC)
by Alberto Ortega
CVE-2009-2817 EXPLOITDB ruby VERIFIED
Apple iTunes < 9.0.1 - Remote Code Execution via Crafted .pls File
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
by S2 Crew
CVE-2006-3747 EXPLOITDB ruby VERIFIED
Apache HTTP Server 1.3.28-1.3.36 & 2.0.46-2.0.58 - DoS & RCE via mod_rewrite LDAP Handling
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
by Metasploit
CVE-2003-0471 EXPLOITDB ruby VERIFIED
Alt-N WebAdmin - Buffer Overflow via USER Argument
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
by Metasploit
CVE-2004-2086 EXPLOITDB ruby VERIFIED
Sambar Server <6.0 - Buffer Overflow
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter.
by Metasploit
CVE-2010-0679 EXPLOITDB ruby
Hyleos ChemView 1.9.5.1 - Remote Code Execution via HyleosChemView ActiveX Control
Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the (1) SaveasMolFile and (2) ReadMolFile methods.
by Dz_attacker
CVE-2010-0304 EXPLOITDB ruby VERIFIED
Wireshark 0.9.15-1.0.10 and 1.2.0-1.2.5 - Denial of Service via Malformed LWRES Packet
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.
by Metasploit
EIP-2026-104027 EXPLOITDB ruby VERIFIED
Oracle 11g - Multiple Privilege Escalation Vulnerabilities
by David Litchfield
EIP-2026-104024 EXPLOITDB ruby VERIFIED
Oracle 10g - Multiple Privilege Escalation Vulnerabilities
by David Litchfield