Exploitdb Exploits

31,357 exploits tracked across all sources.

Sort: Activity Stars
CVE-2009-3148 EXPLOITDB text VERIFIED
PortalXP Teacher Edition 1.2 - SQL Injection via id or assignment_id Parameter
Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php.
by SirGod
CVE-2009-2788 EXPLOITDB text VERIFIED
Mobilelib GOLD 3 - SQL Injection via adminName Parameter
Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote attackers to execute arbitrary SQL commands via the (1) adminName parameter to cp/auth.php, (2) cid parameter to artcat.php, and (3) catid parameter to show.php.
by SwEET-DeViL
CVE-2009-3424 EXPLOITDB text VERIFIED
MaxCMS 3.11.20b - Remote Code Execution via Multiple PHP File Inclusion Parameters
Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) is_projectPath parameter to includes/InstantSite/inc.is_root.php; GLOBALS[thCMS_root] parameter to (2) classes/class.Tree.php, (3) includes/inc.thcms_admin_mediamanager.php, and (4) modul/mod.rssreader.php; is_path parameter to (5) class.tasklist.php, (6) class.thcms.php, (7) class.thcms_content.php, (8) class.thcms_modul_parent.php, (9) class.thcms_page.php, and (10) class.thcsm_user.php in classes/; and (11) includes/InstantSite/class.Tree.php; and thCMS_root parameter to (12) classes/class.thcms_modul.php; (13) inc.page_edit_tasklist.php, (14) inc.thcms_admin_overview_backup.php, and (15) inc.thcms_edit_content.php in includes/; and (16) class.thcms_modul_parent_xml.php, (17) mod.cmstranslator.php, (18) mod.download.php, (19) mod.faq.php, (20) mod.guestbook.php, (21) mod.html.php, (22) mod.menu.php, (23) mod.news.php, (24) mod.newsticker.php, (25) mod.rss.php, (26) mod.search.php, (27) mod.sendtofriend.php, (28) mod.sitemap.php, (29) mod.tagdoc.php, (30) mod.template.php, (31) mod.test.php, (32) mod.text.php, (33) mod.upload.php, and (34) mod.users.php in modul/.
by NoGe
CVE-2009-2782 EXPLOITDB text VERIFIED
JFusion com_jfusion - SQL Injection via Itemid Parameter
SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
by Chip d3 bi0s
EIP-2026-104879 EXPLOITDB text VERIFIED
aa33code 0.0.1 - Local File Inclusion / Authentication Bypass / File Disclosure
by SirGod
CVE-2009-2715 EXPLOITDB text VERIFIED
Sun VirtualBox 2.2-3.0.2 - Denial of Service via sysenter Instruction
Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction.
by Tadas Vilkeliskis
CVE-2009-3514 EXPLOITDB text VERIFIED
d.net CMS - SQL Injection via Page Parameter
Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in a news action to dnet_admin/index.php.
by SirGod
CVE-2009-3506 EXPLOITDB text VERIFIED
CMSphp 0.21 - Cross-Site Scripting via cook_user or name Parameter
Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) cook_user parameter to index.php and the (2) name parameter to modules.php.
by SirGod
CVE-2009-2653 EXPLOITDB text VERIFIED
Microsoft Windows XP SP2-SP3 & Server 2003 - Privilege Escalation
The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.
by NT Internals
EIP-2026-117137 EXPLOITDB text VERIFIED
EPSON Status Monitor 3 - Local Privilege Escalation
by Nine:Situations:Group
EIP-2026-115220 EXPLOITDB text VERIFIED
Epiri Professional Web Browser 3.0 - Remote Crash
by LiquidWorm
CVE-2009-3151 EXPLOITDB text VERIFIED
Ultrize TimeSheet 1.2.2 - Path Traversal via File Download Parameter
Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter.
by GoLd_M
CVE-2009-2790 EXPLOITDB text VERIFIED
SoftBiz Dating Script - SQL Injection
SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4.
by MizoZ
CVE-2009-2792 EXPLOITDB text VERIFIED
Really Simple CMS 0.3a - Path Traversal
Directory traversal vulnerability in plugings/pagecontent.php in Really Simple CMS (RSCMS) 0.3a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PT parameter.
by SirGod
EIP-2026-110339 EXPLOITDB text VERIFIED
Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection
by SirGod
CVE-2009-3508 EXPLOITDB text VERIFIED
Fcgphilipp Mujecms - Path Traversal
Multiple directory traversal vulnerabilities in MUJE CMS 1.0.4.34 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) _class parameter to admin.php and the (2) url parameter to install/install.php; and allow remote authenticated administrators to read arbitrary files via a .. (dot dot) in the (3) _htmlfile parameter to admin.php.
by SirGod
CVE-2009-3510 EXPLOITDB text VERIFIED
linkspheric 0.74 Beta 6 - SQL Injection via listID Parameter
SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter.
by NoGe
CVE-2009-3511 EXPLOITDB text VERIFIED
justVisual 1.2 - Remote Code Execution via fs_jVroot Parameter
Multiple PHP remote file inclusion vulnerabilities in justVisual 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the fs_jVroot parameter to (1) sites/site/pages/index.php, (2) sites/test/pages/contact.php, (3) system/pageTemplate.php, and (4) system/utilities.php.
by SirGod
CVE-2009-2784 EXPLOITDB text VERIFIED
dit.cms 1.3 - Path Traversal via Multiple Parameters
Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path parameter to index.php in (1) install/, (2) menus/left_rightslideopen/, (3) menus/side_pullout/, (4) menus/side_slideopen/, (5) menus/simple/, (6) menus/top_dropdown/, and (7) menus/topside/; the sitemap parameter to index.php in (8) menus/left_rightslideopen/, (9) menus/side_pullout/, (10) menus/side_slideopen/, (11) menus/top_dropdown/, and (12) menus/topside/; and the (13) relPath parameter to index/index.php. NOTE: PHP remote file inclusion vulnerabilities reportedly also exist for some of these vectors.
by SirGod
CVE-2009-3515 EXPLOITDB text VERIFIED
d.net CMS - Authenticated Path Traversal via Type Parameter
Directory traversal vulnerability in dnet_admin/index.php in d.net CMS allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the type parameter.
by SirGod
CVE-2009-3507 EXPLOITDB text VERIFIED
CMSphp 0.21 - Path Traversal and Arbitrary File Execution via mod_file Parameter
Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter.
by SirGod
CVE-2009-1868 EXPLOITDB text VERIFIED
Adobe AIR < 1.5.2 - Heap-Based Buffer Overflow via URL Parsing
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
by iDefense
CVE-2009-1869 EXPLOITDB text VERIFIED
Adobe AIR < 1.5.2 - Integer Overflow in AVM2 abcFile Parser
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
by Roee Hay
CVE-2009-2620 EXPLOITDB text VERIFIED
Firebird SQL 1.5-1.5.5, 2.0-2.0.5, 2.1-2.1.2, 2.5 Beta 1 - Denial of Service via Malformed op_connect_request Message
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
by Core Security
CVE-2009-2769 EXPLOITDB text VERIFIED
Ultrize TimeSheet 1.2.2 - Remote Code Execution via config[include_dir] Parameter
PHP remote file inclusion vulnerability in include/timesheet.php in Ultrize TimeSheet 1.2.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[include_dir] parameter.
by NoGe
By Source
All 31,357 Writeup 60,534 Exploitdb 50,033 Nomisec 21,981 Metasploit 3,232 Github 2,997 Vulncheck_xdb 909 Inthewild 514 Gitlab 451 Gitee 415 Patchapalooza 312
By Language
text 31,357 python 6,238 ruby 5,922 c 3,594 perl 2,850 html 2,059 php 1,327 bash 460 java 364 c++ 253 javascript 220 shell 101 go 65 postscript 25 xml 24