Exploitdb Exploits
50,095 exploits tracked across all sources.
Bigware Shop 2.1x - 'main_bigware_54.php' SQL Injection
by rwenzel
Apache Struts < 2.2.3.1 - Remote Code Execution via ExceptionDelegator OGNL Expression Injection
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
by Metasploit
CVSS 9.8
Hexamail Server 4.4.5 - Persistent Cross-Site Scripting
by modpr0be
Sysax 5.60 - Create SSL Certificate Buffer Overflow
by Craig Freyman
WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload
by Sammy FORGIT
vanilla forums poll plugin 0.9 - Persistent Cross-Site Scripting
by Henry Hoggard
Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting
by Henry Hoggard
TinyCMS 1.3 - Arbitrary File Upload / Cross-Site Request Forgery
by KedAns-Dz
TinyCMS 1.3 - 'index.php?page' Traversal Local File Inclusion
by KedAns-Dz
TinyCMS 1.3 - '/admin/admin.php?do' Traversal Local File Inclusion
by KedAns-Dz
Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by Metasploit
Ignite Solutions CMS - 'car-details.php' SQL Injection
by Am!r
AdaptCMS 2.0.2 TinyURL Plugin - 'index.php?id' SQL Injection
by KedAns-Dz
AdaptCMS 2.0.2 TinyURL Plugin - 'admin.php' Multiple SQL Injections
by KedAns-Dz
PHP 5.3.10 - 'spl_autoload_register()' Local Denial of Service
by Yakir Wizman
PHP 5.3.10 - 'spl_autoload_call()' Local Denial of Service
by Yakir Wizman
GIMP < 2.6.13 - Remote Code Execution via Long String in Script-Fu Server Command
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.
by Metasploit
IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Overflow
by Francis Provencher
Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Persistent Cross-Site Scripting
by Henry Hoggard
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow (Metasploit)
by Metasploit
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow (Metasploit)
by Metasploit
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow (Metasploit)
by Metasploit
IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow
by Francis Provencher
By Source