Exploitdb Exploits
50,091 exploits tracked across all sources.
Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities
by Vulnerability Laboratory
AlamFifa CMS - 'user_name_cookie' SQL Injection
by L0n3ly-H34rT
Dart PowerTCP ActiveX - Denial of Service via Long Request
Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP WebServer for ActiveX and other products, allows remote attackers to cause a denial of service (daemon crash) via a long request.
by catatonicprime
IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities
by MustLive
Trend Micro Control Manager <5.5.0.1823, <6.0.0.1449 - SQL Injection
SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
by otoy
Smartfren Connex EC 1261-2 UI OUC - Local Privilege Escalation
by X-Cisadane
JAMF Casper Suite < 8.61 - Cross-Site Request Forgery via Save Action
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite before 8.61 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts or (2) change passwords via a Save action.
by Jacob Holcomb
WordPress Plugin ABC Test - 'id' Cross-Site Scripting
by Scott Herbert
ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusions
by L0n3ly-H34rT
YingZhiPython - Directory Traversal / Arbitrary File Upload
by Larry Cashdollar
Cisco Wireless LAN Controller <6.0.200.0-7.0.112.0 - DoS
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426.
by Daniel Smith
WordPress Plugin Token Manager - 'tid' Cross-Site Scripting
by TheCyberNuxbie
ViArt Shop Enterprise 4.1 - Arbitrary Command Execution
by LiquidWorm
QNX 6.5.0 / QCONN 1.4.207944 - Remote Command Execution
by Mor!p3r
ZEN Load Balancer - Multiple Vulnerabilities
by Brendan Coles
WordPress Plugin Sexy Add Template - Cross-Site Request Forgery
by the_cyber_nuxbie
WordPress Core 3.4.2 - Cross-Site Request Forgery
by AkaStep
MF Gig Calendar 0.9.2 - Cross-Site Scripting via Query String
Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.
by Chris Cooper
By Source