Exploitdb Exploits
50,095 exploits tracked across all sources.
OroHYIP - SQL Injection via withdraw_money.php id Parameter
SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action.
by L0rd CrusAd3r
Joomla! Component com_eportfolio - Arbitrary File Upload
by Sid3^effects
NetArt Media iBoutique 4.0 - SQL Injection
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by L0rd CrusAd3r
Orbital Viewer 1.04 - Buffer Overflow
Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.
by Crazy_Hacker
MoreAmp - Stack-based Buffer Overflow via Long Line in Song List File
Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long line in a song list (.maf file).
by Sid3^effects
Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)
by gunslinger_
UK One Media CMS - 'id' Error-Based SQL Injection
by LiquidWorm
RSComments (com_rscomments) 1.0.0 Rev 2 - Cross-Site Scripting via Website and Name Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
by jdc
Elite Gaming Ladders 3.5 - SQL Injection
SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.
by ahwak2000
Microsoft MFC Library - Buffer Overflow
Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability."
by fl0 fl0w
Open-FTPD < 1.2 - Unauthenticated Authentication Bypass via FTP Command Injection
Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first.
by Serge Gorbunov
H264WebCam 3.7 - Denial of Service via Long URI
H264WebCam 3.7 allows remote attackers to cause a denial of service (crash) via a long URI in a GET request, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
by fl0 fl0w
Shopping Cart Script with Affiliate Program - SQL Injection
by L0rd CrusAd3r
KubeLance 1.7.6 - 'profile.php' SQL Injection
by L0rd CrusAd3r
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
by jdc
Joomla! Component com_listbingo 1.3 - Multiple Vulnerabilities
by jdc
Joomla! Component com_joomdocs - Cross-Site Scripting
by Sid3^effects
YourFreeWorld Banner Management - SQL Injection
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
by L0rd CrusAd3r
By Source