Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104914 EXPLOITDB text
Achievo 1.4.5 - Multiple Vulnerabilities (1)
by Canberk BOLAT
CVE-2012-5409 EXPLOITDB text
Siemens SiPass integrated < mp2.6 - Remote Code Execution via IOCP RPC Message Handling
AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently execute arbitrary code via crafted messages, as demonstrated by an arbitrary pointer dereference attack or a buffer overflow attack.
by Lucas Apa
EIP-2026-116165 EXPLOITDB text VERIFIED
RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC)
by coolkaveh
EIP-2026-113590 EXPLOITDB text VERIFIED
WordPress Plugin bbPress - Multiple Vulnerabilities
by Dark-Puzzle
EIP-2026-109714 EXPLOITDB text
MyBB Follower User Plugin - SQL Injection
by Zixem
EIP-2026-108866 EXPLOITDB text VERIFIED
Joomla! Component Spider Catalog 1.1 - 'Product_ID' SQL Injection
by D4NB4R
EIP-2026-106877 EXPLOITDB text
Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by CYBSEC Labs
CVE-2012-4515 EXPLOITDB text
KDE Konqueror 4.7.3 - Use-After-Free via IFrame Context Menu Access
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
by Tim Brown
CVE-2012-4940 EXPLOITDB text VERIFIED
Axigen Free Mail Server - Path Traversal
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
by Zhao Liang
EIP-2026-113769 EXPLOITDB text
WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities
by waraxe
EIP-2026-112950 EXPLOITDB text VERIFIED
vam shop 1.69 - Multiple Vulnerabilities
by Security Effect Team
EIP-2026-110567 EXPLOITDB text
PG Dating Pro CMS 1.0 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-109879 EXPLOITDB text VERIFIED
NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities
by Security Effect Team
EIP-2026-105545 EXPLOITDB text VERIFIED
BloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities
by Canberk BOLAT
CVE-2012-4939 EXPLOITDB text VERIFIED
SolarWinds Orion <3.0-HotFix1 - XSS
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field.
by Anthony Trummer
EIP-2026-108503 EXPLOITDB text VERIFIED
Joomla! Component com_quiz - SQL Injection
by Daniel Barragan
EIP-2026-115655 EXPLOITDB text VERIFIED
Microsoft Excel 2010 - Crash (PoC) (1)
by coolkaveh
EIP-2026-115761 EXPLOITDB text VERIFIED
Microsoft Publisher 2010 - Crash (PoC)
by coolkaveh
EIP-2026-113712 EXPLOITDB text VERIFIED
WordPress Plugin Easy Webinar - Blind SQL Injection
by Robert Cooper
EIP-2026-106170 EXPLOITDB text VERIFIED
CorePlayer - 'callback' Cross-Site Scripting
by MustLive
EIP-2026-114884 EXPLOITDB text VERIFIED
Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities
by shinnai
EIP-2026-113071 EXPLOITDB text VERIFIED
VicBlog - Multiple SQL Injections
by Geek
EIP-2026-107899 EXPLOITDB text VERIFIED
Inventory - Multiple Cross-Site Scripting / SQL Injections
by G13
EIP-2026-115747 EXPLOITDB text VERIFIED
Microsoft Office Picture Manager 2010 - Crash (PoC)
by coolkaveh
EIP-2026-107476 EXPLOITDB text VERIFIED
Gramophone - 'rs' Cross-Site Scripting
by G13