Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102721 EXPLOITDB python VERIFIED
ptunnel 0.72 - Remote Denial of Service
by st3n
CVE-2012-10053 EXPLOITDB CRITICAL perl VERIFIED
Simple Web Server 2.2 rc2 - Buffer Overflow
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
by mr.pr0n
EIP-2026-118975 EXPLOITDB ruby VERIFIED
Novell ZENworks Configuration Management Preboot Service 0x21 - Remote Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-118974 EXPLOITDB ruby VERIFIED
Novell ZENworks Configuration Management Preboot Service 0x06 - Remote Buffer Overflow (Metasploit)
by Metasploit
CVE-2010-3888 EXPLOITDB ruby VERIFIED
Microsoft Windows - Privilege Escalation
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.
by Metasploit
CVE-2012-5851 EXPLOITDB text VERIFIED
WebKit - Cross-Site Scripting Bypass via Reflected Data
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108.
by Tushar Dalvi
EIP-2026-108365 EXPLOITDB text VERIFIED
Joomla! Component com_hello - 'Controller' Local File Inclusion
by AJAX Security Team
CVE-2012-1915 EXPLOITDB MEDIUM text VERIFIED
CodeIgniter < 2.1.2 - Cross-Site Scripting via xss_clean() Filter Bypass
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.
by Krzysztof Kotowicz
CVSS 6.1
CVE-2009-2692 EXPLOITDB HIGH ruby VERIFIED
Linux kernel <2.6.30.4, <2.4.37.4 - Privilege Escalation
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
by Metasploit
CVSS 7.8
EIP-2026-110002 EXPLOITDB html VERIFIED
Nwahy Articles 2.2 - Cross-Site Request Forgery (Add Admin)
by DaOne
EIP-2026-103416 EXPLOITDB html VERIFIED
Arora Browser - Remote Denial of Service
by t3rm!n4t0r
CVE-2012-4739 EXPLOITDB text VERIFIED
Barracuda SSL VPN < 2.2.2.203 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
CVE-2012-4739 EXPLOITDB text VERIFIED
Barracuda SSL VPN < 2.2.2.203 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
CVE-2012-4425 EXPLOITDB c
spice-gtk - Privilege Escalation via DBUS_SYSTEM_BUS_ADDRESS Environment Variable
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself.
by Sebastian Krahmer
EIP-2026-107198 EXPLOITDB text
Forum Oxalis 0.1.2 - SQL Injection
by Jean Pascal Pereira
EIP-2026-105327 EXPLOITDB text VERIFIED
AVA VoIP - Multiple Vulnerabilities
by Ibrahim El-Sayed
CVE-2012-3524 EXPLOITDB c
libdbus < 1.5.12 - Local Privilege Escalation via DBUS_SYSTEM_BUS_ADDRESS Environment Variable
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
by Sebastian Krahmer
EIP-2026-118248 EXPLOITDB ruby VERIFIED
ALLMediaServer 0.8 - Remote Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-115163 EXPLOITDB perl
DomsHttpd 1.0 - Remote Denial of Service
by Jean Pascal Pereira
EIP-2026-114322 EXPLOITDB perl VERIFIED
WordPress Theme Diary/Notebook Site5 - Email Spoofing
by bwall
EIP-2026-113977 EXPLOITDB php VERIFIED
WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion
by Sammy FORGIT
EIP-2026-113233 EXPLOITDB text VERIFIED
web@all - 'name' Cross-Site Scripting
by Sammy FORGIT
EIP-2026-112952 EXPLOITDB text
VamCart CMS 0.9 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-112105 EXPLOITDB text VERIFIED
Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities
by Benjamin Kunz Mejri
EIP-2026-111670 EXPLOITDB text VERIFIED
Rama Zeiten CMS - 'download.php' Remote File Disclosure
by Sammy FORGIT