Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-111937 EXPLOITDB text VERIFIED
Schoolhos CMS - HTML Injection
by the_cyber_nuxbie
CVE-2012-0298 EXPLOITDB text VERIFIED
Symantec Web Gateway <5.0.3 - Info Disclosure
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
by S2 Crew
EIP-2026-116804 EXPLOITDB text
Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass
by Security Explorations
EIP-2026-114187 EXPLOITDB text VERIFIED
WordPress Plugin Website FAQ 1.0 - SQL Injection
by Chris Kellum
EIP-2026-106455 EXPLOITDB text VERIFIED
DigPHP - 'dig.php' Script Remote File Disclosure
by Ryuzaki Lawlet
EIP-2026-101494 EXPLOITDB text
Western Digital's WD TV Live SMP/Hub - Privilege Escalation
by Wolfgang Borst
CVE-2012-1831 EXPLOITDB text VERIFIED
WellinTech KingView < 6.53 - Remote Code Execution via Crafted TCP Packet
Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555.
by Carlos Mario Penagos Hollmann
EIP-2026-113737 EXPLOITDB text
WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload
by Sammy FORGIT
EIP-2026-112893 EXPLOITDB text VERIFIED
Umapresence - Local File Inclusion / Arbitrary File Deletion
by Sammy FORGIT
CVE-2011-2751 EXPLOITDB text VERIFIED
Parodia < 6.8 - SQL Injection
SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
by Carlos Mario Penagos Hollmann
EIP-2026-115466 EXPLOITDB text VERIFIED
IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow
by Francis Provencher
EIP-2026-112848 EXPLOITDB text VERIFIED
UCCASS 1.8.1 - Blind SQL Injection
by dun
EIP-2026-113759 EXPLOITDB text VERIFIED
WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-112054 EXPLOITDB text VERIFIED
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-105157 EXPLOITDB text VERIFIED
Amazon S3 Uploadify Script - 'Uploadify.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-119427 EXPLOITDB text VERIFIED
SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass
by Gitsnik
CVE-2012-0276 EXPLOITDB text VERIFIED
XnView < 1.99 - Heap-Based Buffer Overflow via SGI32LogLum Compressed TIFF Image
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
by Francis Provencher
CVE-2012-0276 EXPLOITDB text VERIFIED
XnView < 1.99 - Heap-Based Buffer Overflow via SGI32LogLum Compressed TIFF Image
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
by Francis Provencher
CVE-2012-0277 EXPLOITDB text VERIFIED
XnView < 1.99 - Heap-Based Buffer Overflow via Crafted PCT Image
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.
by Francis Provencher
CVE-2012-0282 EXPLOITDB text VERIFIED
XnView < 1.98.8 - Heap-Based Buffer Overflow via GIF ImageDescriptor ImageLeftPosition
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image.
by Francis Provencher
EIP-2026-116140 EXPLOITDB text
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) (PoC)
by Debasish Mandal
CVE-2012-2614 EXPLOITDB text VERIFIED
Lattice Diamond Programmer 1.4.2 - Buffer Overflow
Buffer overflow in programmer.exe in Lattice Diamond Programmer 1.4.2 allows user-assisted remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long string in a version attribute of an ispXCF element in an .xcf file.
by Core Security
EIP-2026-114846 EXPLOITDB text VERIFIED
ACDSee PRO 5.1 - '.RLE' Image Processing Heap Overflow
by Francis Provencher
EIP-2026-114845 EXPLOITDB text VERIFIED
ACDSee PRO 5.1 - '.PCT' Image Processing Heap Overflow
by Francis Provencher
EIP-2026-114844 EXPLOITDB text VERIFIED
ACDSee PRO 5.1 - '.gif' Image Processing Heap Overflow
by Francis Provencher