Exploitdb Exploits
31,357 exploits tracked across all sources.
RealNetworks Helix Server <13.0.0 - DoS
RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allow remote attackers to cause a denial of service (daemon crash) via an RTSP SETUP request that (1) specifies the / URI or (2) lacks a / character in the URI.
by Core Security
Linux kernel 2.6.30-2.6.30.1 - Privilege Escalation
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894.
by spender
Zenphoto 1.2.5 - Cross-Site Scripting via Admin.php From Parameter
Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the from parameter.
by petros
Music Tag Editor 1.61 build 212 - Stack-based Buffer Overflow via Long ID3 Tag in MP3 File
Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information.
by LiquidWorm
Microsoft Office Web Components Spreadsheet ActiveX Control - Remote Code Execution via msDataSourceObject Method
The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 Gold and SP1, and Office Small Business Accounting 2006, when used in Internet Explorer, allows remote attackers to execute arbitrary code via a crafted call to the msDataSourceObject method, as exploited in the wild in July and August 2009, aka "Office Web Components HTML Script Vulnerability."
by anonymous
Audio Editor Pro 2.91 - Remote Memory Corruption (PoC)
by LiquidWorm
Zenphoto 1.2.5 - Cross-Site Request Forgery via Admin Password Change
Cross-site request forgery (CSRF) vulnerability in zp-core/admin-options.php in Zenphoto 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via the 0-adminpass and 0-adminpass_2 parameters in a saveoptions action.
by petros
webLeague 2.2.0 - 'install.php' Remote Change Password
by TiGeR-Dz
VS PANEL 7.5.5 - SQL Injection via Cat_ID Parameter
SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590.
by C0D3R-Dz
SkyBlueCanvas 1.1 r237 - Path Traversal
Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter.
by MaXe
Scriptsez Ultimate Poll - Cross-Site Scripting via demo_page.php clr Parameter
Cross-site scripting (XSS) vulnerability in demo_page.php in Scriptsez Ultimate Poll allows remote attackers to inject arbitrary web script or HTML via the clr parameter in a vote action.
by Moudi
PHP Live! 3.2.1-3.2.2 - SQL Injection via x Parameter
Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to (1) message_box.php and (2) request.php.
by boom3rang
dB Masters MultiMedia's Content Manager 4.5 - SQL Injection
by NoGe
XAMPP 1.6.x - 'showcode.php' Local File Inclusion
by MustLive
iPhone OS 1.0-2.2.1 and iPod touch 1.1-2.2.1 - Denial of Service via HTMLSelectElement Length Attribute
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.
by Thierry Zoller
Netscape Navigator - Denial of Service via Select Object Length Property
Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Sony PLAYSTATION 3 - Denial of Service via Large Select Object Length Property
The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
CVSS 7.5
Opera < 9.64 - Denial of Service via Large Select Object Length Property
Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
aigo_md_p8860 - Denial of Service via Large Select Object Length Property
The Aigo P8860 allows remote attackers to cause a denial of service (memory consumption and browser hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Nokia Symbian OS 9.2 - Denial of Service via Large Select Object Length Property
The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
KDE Konqueror - Denial of Service via Large Select Object Length Property
KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Microsoft Internet Explorer <9 - DoS
Microsoft Internet Explorer 5 through 8 allows remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
My Category Order <2.8 - SQL Injection
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php.
by Manh Luat
WebLeague 2.2.0 - SQL Injection via Profile Name Parameter
SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter.
by Arka69
phpgenealogy 2.0 - Remote Code Execution via DataDirectory Parameter
PHP remote file inclusion vulnerability in CoupleDB.php in PHPGenealogy 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the DataDirectory parameter.
by Khashayar Fereidani
By Source