Exploitdb Exploits
31,344 exploits tracked across all sources.
Adobe Flash Player < 9.0.289.0 - Denial of Service
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
by Matthew Bergin
Joomla! - SQL Injection
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php.
by FL0RiX
Joomla! Component AutoArticles 3000 - SQL Injection
by jos_ali_joe
Joomla! 1.5.x - SQL Error Information Disclosure
by YGN Ethical Hacker Group
Bsdperimeter Pfsense - XSS
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182.
by dave b
Php < 5.2.15 - Improper Input Validation
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
by Maksymilian Arciemowicz
Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting
by Wesley Kerfoot
Adobe Acrobat Reader - Memory Corruption
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
by scup
SweetRice CMS <0.6.7.1 - XSS
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.
by High-Tech Bridge SA
eoCMS 0.9.04 - Multiple Vulnerabilities
by High-Tech Bridge SA
Avira Premium Security Suite - 'NtCreateKey' Race Condition
by Nikita Tarakanov
eLouai's Force Download Script - Arbitrary Local File Download
by v1R00Z
Sumeffect Digishop - SQL Injection
SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vulnerability than CVE-2005-4614.1.
by Silic0n
Cisco Unified Communications Manager <8 - Command Injection
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.
by Knud Erik Højgaard
Webmedia Explorer 6.13.1 - Persistent Cross-Site Scripting
by High-Tech Bridge SA
Onlinetechtools.com Oasys Professional - SQL Injection
SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information.
by VSN
MemHT Portal 4.0.1 - Persistent Cross-Site Scripting
by High-Tech Bridge SA
Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting
by High-Tech Bridge SA