Exploitdb Exploits

50,091 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-5451 EXPLOITDB text
TVMOBiLi <2.1.0.3974 - Buffer Overflow
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
by High-Tech Bridge SA
CVE-2012-5340 EXPLOITDB HIGH text VERIFIED
SumatraPDF 2.1.1/MuPDF 1.0 - Memory Corruption
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
by beford
CVSS 7.8
EIP-2026-109719 EXPLOITDB text
MyBB KingChat Plugin - Persistent Cross-Site Scripting
by VipVince
CVE-2012-5849 EXPLOITDB text
ClipBucket < 2.6 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in an add_friend action to ajax.php; id parameter in a (2) share_object, (3) add_to_fav, (4) rating, or (5) flag_object action to ajax.php; cid parameter in an (6) add_new_item, (7) remove_collection_item, (8) get_item, or (9) load_more_items action to ajax.php; (10) ci_id parameter in a get_item action to ajax.php; user parameter to (11) user_contacts.php or (12) view_channel.php; (13) pid parameter to view_page.php; (14) tid parameter to view_topic.php; or (15) v parameter to watch_video.php.
by High-Tech Bridge SA
CVE-2012-5865 EXPLOITDB text VERIFIED
Achievo 1.4.5 - Authenticated SQL Injection via Activity ID Parameter
SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action.
by High-Tech Bridge SA
EIP-2026-104086 EXPLOITDB ruby VERIFIED
Splunk 5.0 - Custom App Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-102801 EXPLOITDB text
Centrify Deployment Manager 2.1.0.283 - Local Privilege Escalation
by Larry W. Cashdollar
EIP-2026-101587 EXPLOITDB text
Cisco DPC2420 - Multiples Vulnerabilities
by Facundo M. de la Cruz
CVE-2013-1773 EXPLOITDB text VERIFIED
Linux Kernel < 3.3 - Buffer Overflow in VFAT Filesystem UTF-8 to UTF-16 Conversion
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.
by G13
EIP-2026-113017 EXPLOITDB php VERIFIED
vBulletin ajaxReg Module - SQL Injection
by Cold Zero
CVE-2009-0880 EXPLOITDB ruby VERIFIED
IBM Director < 5.20.3 - Remote Code Execution via CIM Server Path Traversal
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
by Metasploit
CVE-2013-1868 EXPLOITDB text VERIFIED
VLC media player < 2.0.4 - Remote Code Execution via Freetype Renderer and HTML Subtitle Parser
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
by coolkaveh
CVE-2012-6313 EXPLOITDB text VERIFIED
Simple Gmail Login < 1.1.4 - Unauthenticated Sensitive Information Exposure via Missing Timezone Parameter
simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace.
by Aditya Balapure
EIP-2026-107182 EXPLOITDB text VERIFIED
FOOT Gestion - 'id' SQL Injection
by Emmanuel Farcy
EIP-2026-100969 EXPLOITDB text VERIFIED
m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities
by Yann CAM
CVE-2012-5613 EXPLOITDB ruby VERIFIED
MySQL <5.5.19 & MariaDB <5.5.28a - Privilege Escalation
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
by Metasploit
EIP-2026-115982 EXPLOITDB text
Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)
by LiquidWorm
EIP-2026-109042 EXPLOITDB text VERIFIED
Kordil EDms 2.2.60rc3 - SQL Injection
by Woody Hughes
EIP-2026-103838 EXPLOITDB ruby VERIFIED
Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution (Metasploit)
by Metasploit
CVE-2012-5627 EXPLOITDB perl VERIFIED
Oracle MySQL 5.5.0-5.5.28 & MariaDB 5.2.0-5.2.13 - Brute Force via Insufficient Salt Rotation
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
by kingcope
CVE-2012-5357 EXPLOITDB CRITICAL ruby VERIFIED
Ektron Content Management System < 8.02 - Remote Code Execution via XSLT Script Execution
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.
by Metasploit
CVSS 9.8
CVE-2012-5975 EXPLOITDB ruby VERIFIED
SSH Tectia Server 6.0.4-6.3.2 - Authentication Bypass via Blank Password
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.
by Metasploit
CVE-2013-1627 EXPLOITDB python VERIFIED
Indusoft Web Studio & Advantech Studio <=7.0 - Unauthenticated Path Traversal via NTWebServer.exe
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
by Nin3
EIP-2026-114342 EXPLOITDB text VERIFIED
WordPress Theme Nest - 'codigo' SQL Injection
by Ashiyane Digital Security Team
EIP-2026-112358 EXPLOITDB text VERIFIED
Sourcefabric Newscoop - 'f_email' SQL Injection
by AkaStep