Exploitdb Exploits
50,095 exploits tracked across all sources.
SugarCRM CE <= 6.3.1 - Code Injection
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code.
by EgiX
CVSS 9.8
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload
by Sammy FORGIT
Amazon S3 Uploadify Script - 'Uploadify.php' Arbitrary File Upload
by Sammy FORGIT
SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass
by Gitsnik
XnView < 1.99 - Heap-Based Buffer Overflow via SGI32LogLum Compressed TIFF Image
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
by Francis Provencher
XnView < 1.99 - Heap-Based Buffer Overflow via SGI32LogLum Compressed TIFF Image
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
by Francis Provencher
XnView < 1.99 - Heap-Based Buffer Overflow via Crafted PCT Image
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.
by Francis Provencher
XnView < 1.98.8 - Heap-Based Buffer Overflow via GIF ImageDescriptor ImageLeftPosition
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image.
by Francis Provencher
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) (PoC)
by Debasish Mandal
Lattice Diamond Programmer 1.4.2 - Buffer Overflow
Buffer overflow in programmer.exe in Lattice Diamond Programmer 1.4.2 allows user-assisted remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long string in a version attribute of an ispXCF element in an .xcf file.
by Core Security
ACDSee PRO 5.1 - '.RLE' Image Processing Heap Overflow
by Francis Provencher
ACDSee PRO 5.1 - '.PCT' Image Processing Heap Overflow
by Francis Provencher
ACDSee PRO 5.1 - '.gif' Image Processing Heap Overflow
by Francis Provencher
ACDSee PRO 5.1 - '.CUR' Image Processing Heap Overflow
by Francis Provencher
LimeSurvey 1.92+ build120620 - Multiple Vulnerabilities
by dun
CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
by the_cyber_nuxbie
agora project 2.13.1 - Multiple Vulnerabilities
by Chris Russell
IBM DS Storage Manager Host Software < 10.83 - Cross-Site Scripting via SoftwareRegistration.do updateRegn Parameter
Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote attackers to inject arbitrary web script or HTML via the updateRegn parameter.
by LiquidWorm
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)
by Rh0
Joomla! Component com_szallasok - 'id' SQL Injection
by CoBRa_21
Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting
by Sooraj K.S
By Source