Exploitdb Exploits

31,344 exploits tracked across all sources.

CVE-2011-1956 EXPLOITDB text VERIFIED
Wireshark 1.4.5 - DoS
The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.
by rouli
EIP-2026-113296 EXPLOITDB text VERIFIED
WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)
by Saif
EIP-2026-114868 EXPLOITDB text VERIFIED
Adobe Reader/Acrobat 10.0.1 - Denial of Service
by Soroush Dalili
EIP-2026-105759 EXPLOITDB text
Catalog Builder eCommerce Software - Blind SQL Injection
by takeshix
EIP-2026-109483 EXPLOITDB text VERIFIED
miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-107222 EXPLOITDB text VERIFIED
Free Simple CMS 1.0 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-105162 EXPLOITDB text VERIFIED
AMHSHOP 3.7.0 - SQL Injection
by Yassin Aboukir
CVE-2010-3271 EXPLOITDB text VERIFIED
IBM WebSphere Application Server <7.0.0.13 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do.
by Core Security
EIP-2026-115808 EXPLOITDB text
Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)
by Nicolas Krassas
EIP-2026-115751 EXPLOITDB text VERIFIED
Microsoft Office XP - Remote code Execution
by Francis Provencher
CVE-2011-1872 EXPLOITDB text VERIFIED
Microsoft Windows Server <2008 Gold-SP1 - DoS
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability."
by Core Security
EIP-2026-112980 EXPLOITDB text VERIFIED
vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities
by Mr.ThieF
EIP-2026-106269 EXPLOITDB text
cubecart 2.0.7 - Multiple Vulnerabilities
by Shamus
CVE-2011-2202 EXPLOITDB text VERIFIED
PHP <5.3.7 - Path Traversal
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
by Krzysztof Kotowicz
EIP-2026-113280 EXPLOITDB text VERIFIED
WebFileExplorer 3.6 - 'user' / 'pass' SQL Injection
by pentesters.ir
EIP-2026-108851 EXPLOITDB text VERIFIED
Joomla! Component Scriptegrator 1.5 - Local File Inclusion
by jdc
EIP-2026-108788 EXPLOITDB text VERIFIED
Joomla! Component Minitek FAQ Book 1.3 - 'id' SQL Injection
by kaMtiEz
EIP-2026-104378 EXPLOITDB text VERIFIED
Oracle HTTP Server - Cross-Site Scripting Header Injection
by Yasser ABOUKIR
EIP-2026-100432 EXPLOITDB text VERIFIED
Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection
by Mark Lachniet
CVE-2011-5211 EXPLOITDB text VERIFIED
Intelliants Subrion Cms - XSS
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452.
by Karthik R
EIP-2026-119446 EXPLOITDB text VERIFIED
Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal
by White Hat Consultores
CVE-2011-5212 EXPLOITDB text VERIFIED
Intelliants Subrion Cms - SQL Injection
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
by Karthik R
EIP-2026-119444 EXPLOITDB text VERIFIED
Tele Data Contact Management Server - Directory Traversal
by AutoSec Tools
EIP-2026-119142 EXPLOITDB text VERIFIED
Simple Web Server 1.2 - Directory Traversal
by AutoSec Tools
EIP-2026-112737 EXPLOITDB text VERIFIED
Tolinet Agencia - 'id' SQL Injection
by Andrea Bocchetti