Exploitdb Exploits

50,091 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-109731 EXPLOITDB text VERIFIED
MyBB Profile Albums Plugin 0.9 - 'albums.php?album' SQL Injection
by Zixem
EIP-2026-108371 EXPLOITDB text VERIFIED
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
by Dark-Puzzle
EIP-2026-102103 EXPLOITDB text
Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities
by Andrea Fabrizi
CVE-2012-6568 EXPLOITDB perl
Huawei UTPS 1.0 - Buffer Overflow via IDS_PLUGIN_NAME in Plugin Configuration File
Buffer overflow in the back-end component in Huawei UTPS 1.0 allows local users to gain privileges via a long IDS_PLUGIN_NAME string in a plug-in configuration file.
by Dark-Puzzle
EIP-2026-116121 EXPLOITDB python VERIFIED
QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)
by James Ritchey
EIP-2026-115804 EXPLOITDB perl VERIFIED
Microsoft Windows Media Player 10 - '.avi' Integer Division By Zero Crash (PoC)
by Dark-Puzzle
EIP-2026-113671 EXPLOITDB text VERIFIED
WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion
by Charlie Eriksen
EIP-2026-112051 EXPLOITDB text VERIFIED
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
by Aung Khant
EIP-2026-105755 EXPLOITDB text VERIFIED
Cartweaver 3 - Local File Inclusion
by HaxOr
EIP-2026-105038 EXPLOITDB text
airVisionNVR 1.1.13 - 'readfile()' Disclosure / SQL Injection
by pennyGrit
EIP-2026-101564 EXPLOITDB text
BigPond 3G21WB - Multiple Vulnerabilities
by Roberto Paleari
EIP-2026-103982 EXPLOITDB ruby VERIFIED
Metasploit < 4.4 - pcap_log Plugin Privilege Escalation (Metasploit)
by 0a29406d9794e4f9b30b3c5d6702c708
CVE-2012-2516 EXPLOITDB ruby VERIFIED
GE Intelligent Platforms - Command Injection
An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 through 7.42; and other products, allows remote attackers to execute arbitrary commands via crafted input, related to a "command injection vulnerability."
by Metasploit
EIP-2026-117767 EXPLOITDB php VERIFIED
PHP 5.3.4 Win Com Module - Com_sink
by fb1h2s
EIP-2026-117164 EXPLOITDB text
FileBound 6.2 - Local Privilege Escalation
by Nathaniel Carew
CVE-2012-5470 EXPLOITDB perl VERIFIED
VLC media player 2.0.3 - Denial of Service via Crafted PNG File
libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.
by Jean Pascal Pereira
CVE-2012-5672 EXPLOITDB perl VERIFIED
Microsoft Excel and Excel Viewer - Denial of Service via Crafted Spreadsheet File
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data.
by Jean Pascal Pereira
EIP-2026-113141 EXPLOITDB text
vOlk Botnet Framework 4.0 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-110031 EXPLOITDB text
Omnistar Document Manager 8.0 - Multiple Vulnerabilities
by Vulnerability-Lab
CVE-2012-10039 EXPLOITDB CRITICAL ruby VERIFIED
ZEN Load Balancer <3.0-rc1 - Command Injection
ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitation. An authenticated attacker can inject arbitrary shell commands, resulting in remote code execution as the root user. ZEN Load Balancer is the predecessor of ZEVENET and SKUDONET. The affected versions (2.0 and 3.0-rc1) are no longer supported. SKUDONET CE is the current community-maintained successor.
by Metasploit
CVE-2012-10038 EXPLOITDB CRITICAL ruby VERIFIED
Auxilium RateMyPet - Unauthenticated Arbitrary File Upload via Banner Upload Feature
Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/ directory and can be executed directly, resulting in remote code execution.
by Metasploit
CVE-2012-10037 EXPLOITDB CRITICAL ruby VERIFIED
PhpTax 0.8 - Unauthenticated Remote Code Execution via drawimage.php pfilez Parameter
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required.
by Metasploit
CVE-2012-0267 EXPLOITDB ruby VERIFIED
ntr_activex_control < 1.1.8 - Remote Code Execution via StopModule lModule Parameter
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer.
by Metasploit
CVE-2012-0266 EXPLOITDB ruby VERIFIED
NTR ActiveX Control < 2.0.4.8 - Remote Code Execution via Long bstrUrl or bstrParams
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via (1) a long bstrUrl parameter to the StartModule method, (2) a long bstrParams parameter to the Check method, a long bstrUrl parameter to the (3) Download or (4) DownloadModule method during construction of a .ntr pathname, or a long bstrUrl parameter to the (5) Download or (6) DownloadModule method during construction of a URL.
by Metasploit
CVE-2012-4969 EXPLOITDB HIGH ruby VERIFIED
Microsoft Internet Explorer <10 - RCE
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
by Metasploit
CVSS 8.1