Exploitdb Exploits
31,394 exploits tracked across all sources.
Siemens SiPass integrated < mp2.6 - Remote Code Execution via IOCP RPC Message Handling
AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently execute arbitrary code via crafted messages, as demonstrated by an arbitrary pointer dereference attack or a buffer overflow attack.
by Lucas Apa
RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC)
by coolkaveh
WordPress Plugin bbPress - Multiple Vulnerabilities
by Dark-Puzzle
Joomla! Component Spider Catalog 1.1 - 'Product_ID' SQL Injection
by D4NB4R
Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by CYBSEC Labs
KDE Konqueror 4.7.3 - Use-After-Free via IFrame Context Menu Access
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
by Tim Brown
Axigen Free Mail Server - Path Traversal
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
by Zhao Liang
WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities
by waraxe
vam shop 1.69 - Multiple Vulnerabilities
by Security Effect Team
PG Dating Pro CMS 1.0 - Multiple Vulnerabilities
by Vulnerability-Lab
NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities
by Security Effect Team
BloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities
by Canberk BOLAT
SolarWinds Orion <3.0-HotFix1 - XSS
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field.
by Anthony Trummer
Joomla! Component com_quiz - SQL Injection
by Daniel Barragan
WordPress Plugin Easy Webinar - Blind SQL Injection
by Robert Cooper
Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities
by shinnai
Inventory - Multiple Cross-Site Scripting / SQL Injections
by G13
Microsoft Office Picture Manager 2010 - Crash (PoC)
by coolkaveh
By Source