Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-2892 EXPLOITDB text VERIFIED
LANDesk Management Gateway <4.0-1.48 & <4.2-1.8 - Command Injection
gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and 4.2 through 4.2-1.8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the DRIVES parameter, as demonstrated by a cross-site request forgery (CSRF) attack.
by Aureliano Calvo
CVE-2010-1840 EXPLOITDB text VERIFIED
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Directory Services Password Validation
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
by Rodrigo Rubira
CVE-2010-4873 EXPLOITDB text VERIFIED
WeBid 0.8.5 P1 - Cross-Site Scripting via confirm.php id Parameter
Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by John Leitch
CVE-2010-4836 EXPLOITDB text VERIFIED
phpshop < 2.1 - Cross-Site Scripting via register.html name_new Parameter
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter.
by MustLive
EIP-2026-107064 EXPLOITDB text
FCKEditor Core 2.x 2.4.3 - 'FileManager upload.php' Arbitrary File Upload
by grabz
EIP-2026-106745 EXPLOITDB text VERIFIED
eBlog 1.7 - Multiple SQL Injections
by Salvatore Fresta
CVE-2010-3895 EXPLOITDB text
IBM OmniFind Enterprise Edition < 9.1 - Local Privilege Escalation via esRunCommand
esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
by Fatih Kilic
EIP-2026-111772 EXPLOITDB text VERIFIED
Ricoh Web Image Monitor 2.03 - Cross-Site Scripting
by thelightcosine
EIP-2026-110368 EXPLOITDB text VERIFIED
osCommerce 2.2 - Cross-Site Request Forgery
by daandeveloper33
CVE-2010-4638 EXPLOITDB text VERIFIED
com_jquarks4s 1.0.0 - SQL Injection via submitSurvey q Parameter
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the q parameter in a submitSurvey action to index.php.
by Salvatore Fresta
EIP-2026-108438 EXPLOITDB text VERIFIED
Joomla! Component com_markt - SQL Injection
by CoBRa_21
EIP-2026-108375 EXPLOITDB text VERIFIED
Joomla! Component com_img - Local File Inclusion
by CoBRa_21
EIP-2026-108225 EXPLOITDB text VERIFIED
Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection
by CoBRa_21
CVE-2010-3893 EXPLOITDB text VERIFIED
IBM OmniFind Enterprise Edition 8.x and 9.x - Session Impersonation via Stolen Cookie
The administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x does not restrict use of a session ID (aka SID) value to a single IP address, which allows remote attackers to perform arbitrary administrative actions by leveraging cookie theft, related to a "session impersonation" issue.
by Fatih Kilic
CVE-2010-4236 EXPLOITDB text
IBM OmniFind EE <9.1 - Privilege Escalation
Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.
by Fatih Kilic
CVE-2010-3678 EXPLOITDB text VERIFIED
Oracle MySQL 5.1 < 5.1.49 - Authenticated Denial of Service via IN or CASE Operations with NULL Arguments
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
by Shane Bester
CVE-2010-3894 EXPLOITDB text
IBM OmniFind Enterprise Edition < 8.5 FP6 - Stack-based Buffer Overflow via Long Password
Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ESEncrypt function in /opt/IBM/es/lib/libffq.cryptionjni.so in the login form in the administration interface in IBM OmniFind Enterprise Edition before 8.5 FP6 allows remote attackers to execute arbitrary code via a long password.
by Fatih Kilic
CVE-2010-4711 EXPLOITDB text VERIFIED
Novell GroupWise < 8.0.2 - Remote Code Execution via IMAP LIST Command
Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.
by Francis Provencher
CVE-2010-4717 EXPLOITDB text VERIFIED
GroupWise Internet Agent <8.02HP - Buffer Overflow
Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command.
by Francis Provencher
EIP-2026-101224 EXPLOITDB text VERIFIED
D-Link DIR-300 - Multiple Security Bypass Vulnerabilities
by Karol Celia
EIP-2026-116047 EXPLOITDB text VERIFIED
PCSX2 0.9.7 Beta - Binary Denial of Service
by 41.w4r10r
EIP-2026-114488 EXPLOITDB text VERIFIED
xt:Commerce Shopsoftware 3/4 - 'FCKeditor' Arbitrary File Upload
by Net.Edit0r
EIP-2026-114240 EXPLOITDB text VERIFIED
WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting
by John Leitch
CVE-2010-4875 EXPLOITDB text VERIFIED
Vodpod Video Gallery Plugin <3.1.5 - XSS
Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter.
by John Leitch
EIP-2026-114030 EXPLOITDB text VERIFIED
WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal
by John Leitch