Exploitdb Exploits
50,095 exploits tracked across all sources.
Simple Web Server 2.2 rc2 - Buffer Overflow
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
by mr.pr0n
Novell ZENworks Configuration Management Preboot Service 0x21 - Remote Buffer Overflow (Metasploit)
by Metasploit
Novell ZENworks Configuration Management Preboot Service 0x06 - Remote Buffer Overflow (Metasploit)
by Metasploit
Microsoft Windows - Privilege Escalation
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.
by Metasploit
WebKit - Cross-Site Scripting Bypass via Reflected Data
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108.
by Tushar Dalvi
Joomla! Component com_hello - 'Controller' Local File Inclusion
by AJAX Security Team
CodeIgniter < 2.1.2 - Cross-Site Scripting via xss_clean() Filter Bypass
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.
by Krzysztof Kotowicz
CVSS 6.1
Linux kernel <2.6.30.4, <2.4.37.4 - Privilege Escalation
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
by Metasploit
CVSS 7.8
Nwahy Articles 2.2 - Cross-Site Request Forgery (Add Admin)
by DaOne
Barracuda SSL VPN < 2.2.2.203 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
Barracuda SSL VPN < 2.2.2.203 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
spice-gtk - Privilege Escalation via DBUS_SYSTEM_BUS_ADDRESS Environment Variable
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself.
by Sebastian Krahmer
libdbus < 1.5.12 - Local Privilege Escalation via DBUS_SYSTEM_BUS_ADDRESS Environment Variable
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
by Sebastian Krahmer
ALLMediaServer 0.8 - Remote Buffer Overflow (Metasploit)
by Metasploit
WordPress Theme Diary/Notebook Site5 - Email Spoofing
by bwall
WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion
by Sammy FORGIT
Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities
by Benjamin Kunz Mejri
Rama Zeiten CMS - 'download.php' Remote File Disclosure
by Sammy FORGIT
By Source