Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-4031 EXPLOITDB ruby
Wangkongbao CNS-1000 and 1100 - Path Traversal via Lang or Langid Cookie
Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85.
by Dillon Beresford
CVE-2012-0124 EXPLOITDB ruby VERIFIED
HP Data Protector Express 5.0.00-59287 and 6.0.00-11974 - Remote Code Execution or Denial of Service
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
by Metasploit
CVE-2012-0897 EXPLOITDB ruby VERIFIED
IrfanView < 4.33 - Remote Code Execution via JPEG2000 QCD Marker Segment
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
by Metasploit
EIP-2026-102827 EXPLOITDB perl
Emesene 2.12.5 - Password Disclosure
by Daniel Godoy
EIP-2026-100689 EXPLOITDB text
BSD - 'TelnetD' Remote Command Execution (2)
by kingcope
CVE-2012-3585 EXPLOITDB text
IrfanView PlugIns < 4.33 - Remote Code Execution via Crafted JLS File
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
by Joseph Sheridan
EIP-2026-113946 EXPLOITDB text
WordPress Plugin Paid Business Listings 1.0.2 - Blind SQL Injection
by Chris Kellum
CVE-2012-3236 EXPLOITDB text
GIMP < 2.9.2 - Denial of Service via Malformed FITS File XTENSION Header
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.
by Joseph Sheridan
CVE-2012-5972 EXPLOITDB text VERIFIED
SpecView < 2.5 Build 853 - Path Traversal via URI
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI.
by Luigi Auriemma
EIP-2026-116090 EXPLOITDB text VERIFIED
PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC)
by Luigi Auriemma
EIP-2026-116040 EXPLOITDB c++
PC Tools Firewall Plus 7.0.0.123 - Local Denial of Service
by 0in
EIP-2026-111131 EXPLOITDB text VERIFIED
phpmoneybooks 1.03 - Persistent Cross-Site Scripting
by chap0
EIP-2026-109166 EXPLOITDB text VERIFIED
LIOOSYS CMS - SQL Injection / Information Disclosure
by MustLive
EIP-2026-108035 EXPLOITDB php VERIFIED
JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload
by Sammy FORGIT
CVE-2012-3414 EXPLOITDB text VERIFIED
SWFUpload < 2.2.0.1 - Cross-Site Scripting via movieName Parameter
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.
by Nathan Partlan
CVE-2012-0663 EXPLOITDB ruby VERIFIED
Apple QuickTime <7.7.2 - Buffer Overflow
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.
by Metasploit
EIP-2026-116485 EXPLOITDB perl VERIFIED
VideoLAN VLC Media Player 2.0.1 - '.avi' File Denial of Service
by Dark-Puzzle
EIP-2026-116157 EXPLOITDB perl VERIFIED
Real Networks RealPlayer - '.avi' File Divide-by-Zero Denial of Service
by Dark-Puzzle
EIP-2026-113271 EXPLOITDB text VERIFIED
webERP 4.08.1 - Local/Remote File Inclusion
by dun
EIP-2026-110815 EXPLOITDB php VERIFIED
PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-102537 EXPLOITDB text VERIFIED
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities
by Rehan Ahmed
CVE-2008-6508 EXPLOITDB ruby VERIFIED
Openfire < 3.6.0a - Unauthenticated Path Traversal via Admin Console URI
Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. (dot dot) in a URI that matches the Exclude-Strings list, as demonstrated by a /setup/setup-/.. sequence in a URI.
by Metasploit
EIP-2026-101849 EXPLOITDB text VERIFIED
Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities
by Benjamin Kunz Mejri
CVE-2011-3478 EXPLOITDB python VERIFIED
Symantec pcAnywhere 12.5.x-12.5.3 & IT Management Suite 7.0-7.1 - RCE via TCP Port 5631
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
by S2 Crew
CVE-2012-4357 EXPLOITDB text VERIFIED
Winlog Pro < 2.07.17 - Remote Code Execution via Invalid File-Pointer Index
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
by Luigi Auriemma