Exploitdb Exploits
50,091 exploits tracked across all sources.
TrouSerS < 0.3.10 - Denial of Service via Crafted TCP Packet
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
by Andy Lutomirski
Twitter for iPhone - Man in the Middle Security
by Carlos Reventlov
NetIQ Privileged User Manager < 2.3.1 HF2 - Remote Code Execution via ldapagnt_eval Function
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request.
by Metasploit
WordPress Theme Magazine Basic - 'id' SQL Injection
by Novin hack
WordPress Plugin Zingiri Web Shop - 'path' Arbitrary File Upload
by Ashiyane Digital Security Team
WordPress Plugin Zarzadzonie Kontem - 'ajaxfilemanager.php' Script Arbitrary File Upload
by Ashiyane Digital Security Team
WordPress Plugin Webplayer - 'id' SQL Injection
by Novin hack
lighttpd < 1.4.32 - Denial of Service via Empty Token in Connection Header
The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header.
by t4c
Narcissus backend.php - release Parameter Command Injection
Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configure_image() function. This function invokes PHP’s passthru() with the unsanitized input, allowing attackers to inject arbitrary system commands. Exploitation occurs via a crafted POST request, resulting in command execution under the web server’s context.
by Metasploit
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities
by Vulnerability-Lab
Adobe Reader 10.1.4 - JP2KLib&CoolType Crash (PoC)
by coolkaveh
PHP Server Monitor - Persistent Cross-Site Scripting
by loneferret
dotproject < 2.1.7 - Authenticated SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in dotProject before 2.1.7 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search_string or (2) where parameter in a contacts action, (3) dept_id parameter in a departments action, (4) project_id[] parameter in a project action, or (5) company_id parameter in a system action to index.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
by High-Tech Bridge
dotproject < 2.1.7 - Cross-Site Scripting via Callback, Field, or Company Name Parameters
Multiple cross-site scripting (XSS) vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) callback parameter in a color_selector action, (2) field parameter in a date_format action, or (3) company_name parameter in an addedit action to index.php. NOTE: the date parameter vector is already covered by CVE-2008-3886.
by High-Tech Bridge
FormatFactory 3.0.1 - Profile File Handling Buffer Overflow
by Julien Ahrens
Apple QuickTime < 7.7.3 - Remote Code Execution via Crafted Targa Image
Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Targa image.
by Senator of Pirates
WordPress Theme Madebymilk - 'id' SQL Injection
by Ashiyane Digital Security Team
By Source