Exploitdb Exploits
50,095 exploits tracked across all sources.
Oracle Fusion Middleware < 2.5.7 - Code Injection
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
by Meder Kydyraliev
iSharer File Sharing Wizard 1.5.0 - Stack-Based Buffer Overflow via Long HEAD Request
Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request.
by b0nd
Winamp 5.572 - Local Buffer Overflow (EIP + SEH) (DEP Bypass)
by TecR0c
BlazeVideo BlazeDVD Standard and Professional 5.0 - Stack-based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by mr_me
Batch Audio Converter Lite Edition <= 1.0.0.0 - Remote Code Execution via Long Line in WAV File
Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote attackers to execute arbitrary code via a long line in a .WAV file.
by modpr0be
Firebook - Multiple Cross-Site Scripting / Directory Traversal Vulnerabilities
by MustLive
Novell Netware < 6.5 - Remote Code Execution via SMB Sessions Setup AndX Packet
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
by laurent gaffie
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
by Metasploit
2daybiz Online Classified Script - XSS
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
by Sid3^effects
Rosoft Audio Converter 4.4.4 - Remote Code Execution via Long Playlist Entry in .m3u File
Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file.
by blake
Adobe SVG Viewer 3.0 - Circle Transform Remote Code Execution
by h07
Nakid CMS 0.5.2 - Remote Code Execution via core[system_path] Parameter
PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the core[system_path] parameter. NOTE: some of these details are obtained from third party information.
by sh00t0ut
By Source