Exploitdb Exploits
50,095 exploits tracked across all sources.
Yamamah Photo Gallery 1.1 - Database Information Disclosure
by L3b-r1'z
PHP Volunteer Management System 1.0.2 - Multiple SQL Injections
by loneferret
Symantec Web Gateway < 5.0.3 - Remote Code Execution via Management GUI Script Access
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
by Metasploit
WeBid < 1.0.2 - Unauthenticated Remote Code Execution via Converter.php to Parameter
WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remote code execution when the modified script is accessed or included by the application.
by Metasploit
QuickShare File Server 1.2.1 - Path Traversal
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement.
by Metasploit
Nilehoster Topics Viewer 2.3 - Multiple SQL Injections / Local File Inclusion
by n4ss1m
b2ePms 1.0 - Multiple SQL Injection Vulnerabilities
by loneferret
AzDGDatingMedium 1.9.3 - Multiple Remote Vulnerabilities
by AkaStep
Symantec Web Gateway < 5.0.3 - Remote Code Execution via Management GUI Script Access
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
by muts
RabidHamster R4 v1.25 - Buffer Overflow
RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process.
by Metasploit
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
by Metasploit
DynPage 1.0 - 'ckfinder' Multiple Arbitrary File Upload Vulnerabilities
by KedAns-Dz
appRain CMF <= 0.1.5 - Unauthenticated Arbitrary File Upload and Remote Code Execution
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory.
by Metasploit
Apple iOS 5.1.1 Safari Browser - 'JS match()' / 'search()' Crash (PoC)
by Alberto Ortega
phpCollab 2.5 - Direct Request Multiple Protected Page Access
by team ' & 1=1--
PHPCollab 2.5 - 'uploadfile.php' Crafted Request Arbitrary Non-PHP File Upload
by team ' & 1=1--
Jaow < 2.4.5 - SQL Injection via add_ons Parameter
SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the add_ons parameter.
by kallimero
Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service via R3 Dissector Integer Underflow
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
by Laurent Butti
Wireshark <1.4.13 & 1.6.x <1.6.8 - DoS
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.
by Klaus Heckelmann
Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service in DIAMETER Dissector
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.
by Wireshark
mod_auth_openid <0.7 - Info Disclosure
mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
by Peter Ellehauge
By Source