Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-2462 EXPLOITDB text VERIFIED
OroHYIP - SQL Injection via withdraw_money.php id Parameter
SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action.
by L0rd CrusAd3r
EIP-2026-108338 EXPLOITDB text
Joomla! Component com_eportfolio - Arbitrary File Upload
by Sid3^effects
CVE-2010-5020 EXPLOITDB text VERIFIED
NetArt Media iBoutique 4.0 - SQL Injection
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by L0rd CrusAd3r
CVE-2010-0688 EXPLOITDB perl VERIFIED
Orbital Viewer 1.04 - Buffer Overflow
Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.
by Crazy_Hacker
CVE-2010-2439 EXPLOITDB python VERIFIED
MoreAmp - Stack-based Buffer Overflow via Long Line in Song List File
Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long line in a song list (.maf file).
by Sid3^effects
EIP-2026-115370 EXPLOITDB perl VERIFIED
Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)
by gunslinger_
EIP-2026-113354 EXPLOITDB html
WebsiteBaker 2.8.1 - Cross-Site Request Forgery
by Luis Santana
EIP-2026-112864 EXPLOITDB text VERIFIED
UK One Media CMS - 'id' Error-Based SQL Injection
by LiquidWorm
EIP-2026-112278 EXPLOITDB text VERIFIED
SnowCade 3.0 - SQL Injection
by ahwak2000
CVE-2010-2464 EXPLOITDB text VERIFIED
RSComments (com_rscomments) 1.0.0 Rev 2 - Cross-Site Scripting via Website and Name Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
by jdc
CVE-2010-5014 EXPLOITDB text VERIFIED
Elite Gaming Ladders 3.5 - SQL Injection
SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.
by ahwak2000
CVE-2010-3227 EXPLOITDB c VERIFIED
Microsoft MFC Library - Buffer Overflow
Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability."
by fl0 fl0w
CVE-2010-2620 EXPLOITDB python VERIFIED
Open-FTPD < 1.2 - Unauthenticated Authentication Bypass via FTP Command Injection
Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first.
by Serge Gorbunov
CVE-2010-2349 EXPLOITDB c VERIFIED
H264WebCam 3.7 - Denial of Service via Long URI
H264WebCam 3.7 allows remote attackers to cause a denial of service (crash) via a long URI in a GET request, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
by fl0 fl0w
EIP-2026-115097 EXPLOITDB c VERIFIED
Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow
by fl0 fl0w
EIP-2026-112028 EXPLOITDB text VERIFIED
Shopping Cart Script with Affiliate Program - SQL Injection
by L0rd CrusAd3r
EIP-2026-109331 EXPLOITDB text
MarketSaz - Arbitrary File Upload
by NetQurd
EIP-2026-109051 EXPLOITDB text VERIFIED
KubeSupport - 'lang' SQL Injection
by L0rd CrusAd3r
EIP-2026-109049 EXPLOITDB text VERIFIED
KubeLance 1.7.6 - 'profile.php' SQL Injection
by L0rd CrusAd3r
EIP-2026-108821 EXPLOITDB text
Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities
by jdc
EIP-2026-108658 EXPLOITDB text VERIFIED
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
by jdc
EIP-2026-108432 EXPLOITDB text
Joomla! Component com_listbingo 1.3 - Multiple Vulnerabilities
by jdc
EIP-2026-108408 EXPLOITDB text
Joomla! Component com_joomdocs - Cross-Site Scripting
by Sid3^effects
EIP-2026-108205 EXPLOITDB text
Joomla! Component Answers 2.3beta - Multiple Vulnerabilities
by jdc
CVE-2010-4981 EXPLOITDB text VERIFIED
YourFreeWorld Banner Management - SQL Injection
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
by L0rd CrusAd3r