Exploitdb Exploits

31,344 exploits tracked across all sources.

CVE-2010-4273 EXPLOITDB text VERIFIED
Accimoveis Descargarvista Acc Imoveis - SQL Injection
SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by EraGoN
CVE-2010-4099 EXPLOITDB text
Nitrosecurity Nitroview Esm Software - Improper Input Validation
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
by Filip Palian
EIP-2026-111328 EXPLOITDB text
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities
by David Hoyt
EIP-2026-111578 EXPLOITDB text VERIFIED
Pulse Pro 1.4.3 - Persistent Cross-Site Scripting
by Th3 RDX
CVE-2010-4869 EXPLOITDB text VERIFIED
DBHcms 1.1.4 - SQL Injection
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
by ZonTa
CVE-2010-4868 EXPLOITDB text VERIFIED
W-Agora <4.2.1 - XSS
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
by MustLive
CVE-2010-4867 EXPLOITDB text VERIFIED
W-Agora <4.2.1 - Path Traversal
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
by MustLive
EIP-2026-112086 EXPLOITDB text VERIFIED
Simple Directory Listing 2.1 - 'SDL2.php' Cross-Site Scripting
by Amol Naik
CVE-2010-4120 EXPLOITDB text VERIFIED
IBM Tivoli Access Manager For E-business - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
by IBM
CVE-2010-3856 EXPLOITDB text VERIFIED
GNU Glibc < 2.11.2 - Access Control
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
by Tavis Ormandy
CVE-2010-3653 EXPLOITDB text VERIFIED
Adobe Shockwave Player < 11.5.8.612 - Memory Corruption
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information.
by Abysssec
EIP-2026-115810 EXPLOITDB text VERIFIED
Microsoft Windows Mobile 6.1/6.5 - Double-Free Denial of Service
by musashi karak0rsan
EIP-2026-113423 EXPLOITDB text VERIFIED
Wiccle Web Builder 2.0 - Multiple Cross-Site Scripting Vulnerabilities
by Veerendra G.G
EIP-2026-112408 EXPLOITDB text VERIFIED
Squirrelcart PRO 3.0.0 - Blind SQL Injection
by Salvatore Fresta
EIP-2026-110535 EXPLOITDB text VERIFIED
pecio CMS 2.0.5 - 'target' Cross-Site Scripting
by Antu Sanadi