Exploitdb Exploits
50,095 exploits tracked across all sources.
Wangkongbao CNS-1000 and 1100 - Path Traversal via Lang or Langid Cookie
Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85.
by Dillon Beresford
HP Data Protector Express 5.0.00-59287 and 6.0.00-11974 - Remote Code Execution or Denial of Service
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
by Metasploit
IrfanView < 4.33 - Remote Code Execution via JPEG2000 QCD Marker Segment
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
by Metasploit
IrfanView PlugIns < 4.33 - Remote Code Execution via Crafted JLS File
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
by Joseph Sheridan
WordPress Plugin Paid Business Listings 1.0.2 - Blind SQL Injection
by Chris Kellum
GIMP < 2.9.2 - Denial of Service via Malformed FITS File XTENSION Header
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.
by Joseph Sheridan
SpecView < 2.5 Build 853 - Path Traversal via URI
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI.
by Luigi Auriemma
PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC)
by Luigi Auriemma
phpmoneybooks 1.03 - Persistent Cross-Site Scripting
by chap0
LIOOSYS CMS - SQL Injection / Information Disclosure
by MustLive
JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload
by Sammy FORGIT
SWFUpload < 2.2.0.1 - Cross-Site Scripting via movieName Parameter
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.
by Nathan Partlan
Apple QuickTime <7.7.2 - Buffer Overflow
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.
by Metasploit
VideoLAN VLC Media Player 2.0.1 - '.avi' File Denial of Service
by Dark-Puzzle
Real Networks RealPlayer - '.avi' File Divide-by-Zero Denial of Service
by Dark-Puzzle
PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload
by Sammy FORGIT
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities
by Rehan Ahmed
Openfire < 3.6.0a - Unauthenticated Path Traversal via Admin Console URI
Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. (dot dot) in a URI that matches the Exclude-Strings list, as demonstrated by a /setup/setup-/.. sequence in a URI.
by Metasploit
Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities
by Benjamin Kunz Mejri
Symantec pcAnywhere 12.5.x-12.5.3 & IT Management Suite 7.0-7.1 - RCE via TCP Port 5631
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
by S2 Crew
Winlog Pro < 2.07.17 - Remote Code Execution via Invalid File-Pointer Index
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
by Luigi Auriemma
By Source