Exploitdb Exploits
31,344 exploits tracked across all sources.
Edimax AR-7084GA Router - Cross-Site Request Forgery / Persistent Cross-Site Scripting
by l3D
SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery Vulnerabilities
by cp77fk4r
Cleanersoft Free Mp3 CD Ripper < 2.6 - Memory Corruption
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
by Richard leahy
Google Chrome 4.1 - Out-of-Bounds Array Indexing
by Tobias Klein
dynpg < 4.1.0 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) DefineRootToTool parameter to counter.php, (2) PathToRoot parameter to plugins/DPGguestbook/guestbookaction.php and (3) get_popUpResource parameter to backendpopup/popup.php. NOTE: some of these details are obtained from third party information.
by eidelweiss
68KB Knowledge Base 1.0.0rc3 - Cross-Site Request Forgery (Edit Main Settings)
by Jelmer de Hen
68kb 68KB Base 1.0.0rc3 - Cross-Site Request Forgery (Admin)
by Jelmer de Hen
Simple Calculator by Peter Rekdal Sunde - Arbitrary File Upload
by indoushka
Profi Einzelgebots Auktions System - Blind SQL Injection
by Easy Laster
onepound Shop / CMS - Cross-Site Scripting / SQL Injection
by Valentin
com_weberpcustomer 1.2.1 and 1.x before 1.06.02 - Path Traversal via Controller Parameter
Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
by Chip d3 bi0s
Joomla! com_userstatus <1.21.16 - Path Traversal
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by Chip d3 bi0s
com_jvehicles 1.0, 2.0, and 2.1111 - SQL Injection via aid Parameter
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
by Chip d3 bi0s
Joomla! Component EContent - Local File Inclusion
by Chip d3 bi0s
Joomla! Component com_trading - Blind SQL Injection
by DevilZ TM
By Source