Exploitdb Exploits
50,091 exploits tracked across all sources.
MyBB Profile Albums Plugin 0.9 - 'albums.php?album' SQL Injection
by Zixem
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
by Dark-Puzzle
Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities
by Andrea Fabrizi
Huawei UTPS 1.0 - Buffer Overflow via IDS_PLUGIN_NAME in Plugin Configuration File
Buffer overflow in the back-end component in Huawei UTPS 1.0 allows local users to gain privileges via a long IDS_PLUGIN_NAME string in a plug-in configuration file.
by Dark-Puzzle
QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)
by James Ritchey
Microsoft Windows Media Player 10 - '.avi' Integer Division By Zero Crash (PoC)
by Dark-Puzzle
WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion
by Charlie Eriksen
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
by Aung Khant
airVisionNVR 1.1.13 - 'readfile()' Disclosure / SQL Injection
by pennyGrit
Metasploit < 4.4 - pcap_log Plugin Privilege Escalation (Metasploit)
by 0a29406d9794e4f9b30b3c5d6702c708
GE Intelligent Platforms - Command Injection
An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 through 7.42; and other products, allows remote attackers to execute arbitrary commands via crafted input, related to a "command injection vulnerability."
by Metasploit
VLC media player 2.0.3 - Denial of Service via Crafted PNG File
libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.
by Jean Pascal Pereira
Microsoft Excel and Excel Viewer - Denial of Service via Crafted Spreadsheet File
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data.
by Jean Pascal Pereira
vOlk Botnet Framework 4.0 - Multiple Vulnerabilities
by Vulnerability-Lab
Omnistar Document Manager 8.0 - Multiple Vulnerabilities
by Vulnerability-Lab
ZEN Load Balancer <3.0-rc1 - Command Injection
ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitation. An authenticated attacker can inject arbitrary shell commands, resulting in remote code execution as the root user. ZEN Load Balancer is the predecessor of ZEVENET and SKUDONET. The affected versions (2.0 and 3.0-rc1) are no longer supported. SKUDONET CE is the current community-maintained successor.
by Metasploit
Auxilium RateMyPet - Unauthenticated Arbitrary File Upload via Banner Upload Feature
Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/ directory and can be executed directly, resulting in remote code execution.
by Metasploit
PhpTax 0.8 - Unauthenticated Remote Code Execution via drawimage.php pfilez Parameter
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required.
by Metasploit
ntr_activex_control < 1.1.8 - Remote Code Execution via StopModule lModule Parameter
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer.
by Metasploit
NTR ActiveX Control < 2.0.4.8 - Remote Code Execution via Long bstrUrl or bstrParams
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via (1) a long bstrUrl parameter to the StartModule method, (2) a long bstrParams parameter to the Check method, a long bstrUrl parameter to the (3) Download or (4) DownloadModule method during construction of a .ntr pathname, or a long bstrUrl parameter to the (5) Download or (6) DownloadModule method during construction of a URL.
by Metasploit
Microsoft Internet Explorer <10 - RCE
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
by Metasploit
CVSS 8.1
By Source