Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104951 EXPLOITDB text VERIFIED
ADICO - 'index.php' Script SQL Injection
by Ibrahim El-Sayed
CVE-2007-1195 EXPLOITDB python VERIFIED
XM Easy Personal FTP Server 5.3.0 - Buffer Overflow
Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728.
by mr_me
CVE-2012-1875 EXPLOITDB ruby VERIFIED
Microsoft Internet Explorer 8 - Remote Code Execution via Deleted Object Access
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
by Metasploit
CVE-2012-1661 EXPLOITDB text
ESRI ArcMap < 10.0.2.3200 - Arbitrary VBA Code Execution via Crafted Map File
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
by Boston Cyber Defense
EIP-2026-114297 EXPLOITDB php VERIFIED
WordPress Plugin Zingiri Web Shop 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-113838 EXPLOITDB php VERIFIED
WordPress Plugin Invit0r - 'ofc_upload_image.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-112516 EXPLOITDB text VERIFIED
Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities
by Vulnerability-Lab
EIP-2026-112407 EXPLOITDB text
Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities
by Vulnerability-Lab
EIP-2026-112094 EXPLOITDB text VERIFIED
Simple Forum PHP - Multiple SQL Injections
by Vulnerability Research Laboratory
EIP-2026-111610 EXPLOITDB python VERIFIED
qdPM 7 - Arbitrary File upload
by loneferret
EIP-2026-109865 EXPLOITDB text VERIFIED
NetArt Media Jobs Portal - SQL Injection
by Ibrahim El-Sayed
CVE-2012-4258 EXPLOITDB text VERIFIED
MYRE Real Estate Software 2012 Q2 - SQL Injection via link_idd or userid Parameter
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
by Vulnerability-Lab
EIP-2026-105771 EXPLOITDB text VERIFIED
Cells Blog CMS 1.1 - Multiple Web Vulnerabilities
by Vulnerability-Lab
CVE-2012-0780 EXPLOITDB python
Adobe Illustrator < CS6 - Memory Corruption
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026.
by Felipe Andres Manzano
EIP-2026-102426 EXPLOITDB text VERIFIED
Squiz CMS - Multiple Cross-Site Scripting / XML External Entity Injection Vulnerabilities
by Nadeem Salim
CVE-2012-1038 EXPLOITDB text VERIFIED
Juniper Networks MSS <7.6.3-7.7.1-7.5.3-7.4-7.3 - XSS
Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before 7.5.3, and other unspecified versions before 7.4 and 7.3 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter name.
by Craig Lambert
EIP-2026-101262 EXPLOITDB python VERIFIED
Edimax IC-3030iWn - UDP Packet Password Information Disclosure
by y3dips
CVE-2009-0695 EXPLOITDB ruby
Wyse Device Manager 4.7.x - Unauthenticated Remote Command Execution via hagent.exe
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
by it.solunium
EIP-2026-119307 EXPLOITDB text VERIFIED
XAMPP for Windows 1.7.7 - Multiple Cross-Site Scripting / SQL Injections
by Sangteamtham
EIP-2026-114628 EXPLOITDB php VERIFIED
Zimplit CMS 3.0 - Local File Inclusion / Arbitrary File Upload
by KedAns-Dz
EIP-2026-113806 EXPLOITDB php VERIFIED
WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload
by Sammy FORGIT
EIP-2026-113767 EXPLOITDB ruby VERIFIED
WordPress Plugin Foxypress - 'Uploadify.php' Arbitrary Code Execution (Metasploit)
by Metasploit
EIP-2026-113766 EXPLOITDB ruby VERIFIED
WordPress Plugin Foxypress - 'Uploadify.php' Arbitrary Code Execution (Metasploit)
by Metasploit
EIP-2026-112389 EXPLOITDB html VERIFIED
SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities
by anonymous
EIP-2026-108792 EXPLOITDB php VERIFIED
Joomla! Component mod_jfancy - 'script.php' Arbitrary File Upload
by Sammy FORGIT