Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-1622 EXPLOITDB text VERIFIED
Oracle Fusion Middleware < 2.5.7 - Code Injection
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
by Meder Kydyraliev
EIP-2026-119226 EXPLOITDB perl VERIFIED
TurboFTP Server 1.20.745 - Directory Traversal
by leinakesi
CVE-2010-2331 EXPLOITDB python VERIFIED
iSharer File Sharing Wizard 1.5.0 - Stack-Based Buffer Overflow via Long HEAD Request
Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request.
by b0nd
EIP-2026-118111 EXPLOITDB python VERIFIED
Winamp 5.572 - Local Buffer Overflow (EIP + SEH) (DEP Bypass)
by TecR0c
CVE-2006-6199 EXPLOITDB python VERIFIED
BlazeVideo BlazeDVD Standard and Professional 5.0 - Stack-based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by mr_me
CVE-2010-2348 EXPLOITDB python VERIFIED
Batch Audio Converter Lite Edition <= 1.0.0.0 - Remote Code Execution via Long Line in WAV File
Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote attackers to execute arbitrary code via a long line in a .WAV file.
by modpr0be
EIP-2026-115050 EXPLOITDB text VERIFIED
Chrome Engine 4 - Denial of Service
by Luigi Auriemma
EIP-2026-111320 EXPLOITDB text
Planet 1.1 - Cross-Site Request Forgery (Add Admin)
by G0D-F4Th3r
EIP-2026-111285 EXPLOITDB text
Pithcms 0.9.5 - Local File Inclusion
by sh00t0ut
EIP-2026-110885 EXPLOITDB text
PHP-Nuke Module print 6.0 - 'print&sid' SQL Injection
by Gamoscu
EIP-2026-110546 EXPLOITDB text
PenPals - Authentication Bypass
by L0rd CrusAd3r
EIP-2026-109180 EXPLOITDB text VERIFIED
Live CMS - SQL Injection
by ahwak2000
EIP-2026-107560 EXPLOITDB text
Havij 1.10 - Persistent Cross-Site Scripting
by hexon
EIP-2026-107107 EXPLOITDB text VERIFIED
Firebook - Multiple Cross-Site Scripting / Directory Traversal Vulnerabilities
by MustLive
EIP-2026-106701 EXPLOITDB text VERIFIED
Easy Travel Portal - SQL Injection
by L0rd CrusAd3r
EIP-2026-106479 EXPLOITDB perl
DMSEasy 0.9.7 - 'FCKeditor' Arbitrary File Upload
by sh00t0ut
CVE-2010-2351 EXPLOITDB text VERIFIED
Novell Netware < 6.5 - Remote Code Execution via SMB Sessions Setup AndX Packet
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
by laurent gaffie
CVE-2003-0201 EXPLOITDB ruby VERIFIED
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
by Metasploit
EIP-2026-100105 EXPLOITDB text
Ananda Image Gallery - SQL Injection
by L0rd CrusAd3r
CVE-2010-5018 EXPLOITDB text VERIFIED
2daybiz Online Classified Script - XSS
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
by Sid3^effects
CVE-2010-2329 EXPLOITDB python VERIFIED
Rosoft Audio Converter 4.4.4 - Remote Code Execution via Long Playlist Entry in .m3u File
Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file.
by blake
EIP-2026-114869 EXPLOITDB text VERIFIED
Adobe SVG Viewer 3.0 - Circle Transform Remote Code Execution
by h07
EIP-2026-111701 EXPLOITDB text VERIFIED
Real Estate - SQL Injection
by L0rd CrusAd3r
EIP-2026-110927 EXPLOITDB text
PHPAuctionSystem - Arbitrary File Upload
by Sid3^effects
CVE-2010-2358 EXPLOITDB text
Nakid CMS 0.5.2 - Remote Code Execution via core[system_path] Parameter
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the core[system_path] parameter. NOTE: some of these details are obtained from third party information.
by sh00t0ut