Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-107510 EXPLOITDB text VERIFIED
Group Office - Remote Command Execution
by ADEO Security
EIP-2026-107509 EXPLOITDB text VERIFIED
Group Office - 'comment_id' SQL Injection
by Canberk BOLAT
CVE-2010-2906 EXPLOITDB text VERIFIED
ScriptsFeed & BrotherScripts - SQL Injection
SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905.
by k4k4shi
CVE-2010-2777 EXPLOITDB text VERIFIED
Novell GroupWise <7.0-8.0 - Buffer Overflow
Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command.
by Francis Provencher
EIP-2026-113404 EXPLOITDB text VERIFIED
Whizzy CMS 10.01 - Local File Inclusion
by Anarchy Angel
EIP-2026-112392 EXPLOITDB text VERIFIED
Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery
by Nijel the Destroyer
EIP-2026-112357 EXPLOITDB text VERIFIED
Sourcefabric Campsite Articles - HTML Injection
by D4rk357
EIP-2026-111330 EXPLOITDB text VERIFIED
Pligg CMS 1.0.4 - 'search.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-111236 EXPLOITDB text VERIFIED
PHPWCMS 1.4.5 - 'PHPwcms.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-108845 EXPLOITDB text VERIFIED
Joomla! Component redSHOP 1.0.23.1 - Blind SQL Injection
by Salvatore Fresta
EIP-2026-107375 EXPLOITDB text VERIFIED
Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-107076 EXPLOITDB text VERIFIED
FestOS 2.3 - 'contents' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-105702 EXPLOITDB text VERIFIED
Campsite CMS - Remote Persistent Cross-Site Scripting
by D4rk357
CVE-2010-2905 EXPLOITDB text VERIFIED
ScriptsFeed/BrotherScripts - SQL Injection
SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
by D4rk357
EIP-2026-103688 EXPLOITDB text VERIFIED
Unreal Engine - 'ReceivedRawBunch()' Denial of Service
by Luigi Auriemma
CVE-2010-2782 EXPLOITDB text VERIFIED
Novell Groupwise Webaccess - Stack Overflow
by Francis Provencher
EIP-2026-102529 EXPLOITDB text VERIFIED
ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - Cross-Site Scripting
by Markot
EIP-2026-106029 EXPLOITDB text
CMSQLite - SQL Injection
by High-Tech Bridge SA
EIP-2026-104932 EXPLOITDB text
Ad Network Script - Persistent Cross-Site Scripting
by Sid3^effects
EIP-2026-104819 EXPLOITDB text
2DayBiz Businesscard Script - Authentication Bypass
by D4rk357
CVE-2010-1870 EXPLOITDB text
Struts 2.0.0-2.1.8.1 - RCE
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.
by Meder Kydyraliev
EIP-2026-119361 EXPLOITDB text VERIFIED
dotDefender 4.02 - Authentication Bypass
by David K
CVE-2010-2383 EXPLOITDB text VERIFIED
Oracle Solaris <10 - Info Disclosure
Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.
by Frank Stuart
CVE-2010-0916 EXPLOITDB text VERIFIED
Oracle OpenSolaris 10 - Info Disclosure
Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rdist.
by Monarch Rich
EIP-2026-108500 EXPLOITDB text
Joomla! Component com_qcontacts - SQL Injection
by _mlk_