Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-2939 EXPLOITDB text VERIFIED
Travelon Express 6.2.2 - Authenticated Arbitrary File Upload via airline-edit.php hotel-image-add.php or hotel-add.php
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php.
by Vulnerability-Lab
CVE-2012-4279 EXPLOITDB text VERIFIED
Free Realty 3.1-0.6 - SQL Injection via Agent Display or Admin Edit Parameters
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
by Vulnerability-Lab
CVE-2012-4278 EXPLOITDB text VERIFIED
Free Realty 3.1-0.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) title, (3) previewdesc, (4) fulldesc, or (5) notes parameter (b) to agentadmin.php or (c) in an addlisting action to agentadmin.php; or unspecified vectors to (d) admin/adminfeatures.php.
by Vulnerability-Lab
CVE-2012-4265 EXPLOITDB text
Proman Xpress 5.0.1 - SQL Injection via category_edit.php cid Parameter
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by Vulnerability-Lab
CVE-2012-2938 EXPLOITDB text VERIFIED
Travelon Express 6.2.2 - Cross-Site Scripting via Holiday Name Field
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) holiday_view.php.
by Vulnerability-Lab
CVE-2012-2908 EXPLOITDB text
Viscacha 0.8.1.1 - SQL Injection via bbcodeexample, buttonimage, or bbcodetag Parameter
Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag parameter.
by Vulnerability-Lab
CVE-2006-2369 EXPLOITDB python VERIFIED
RealVNC 4.1.1 - Unauthenticated Authentication Bypass via Insecure Security Type
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
by fdiskyou
CVE-2011-3659 EXPLOITDB ruby VERIFIED
Mozilla Firefox <4.10 - Use After Free
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
by Metasploit
CVE-2012-2371 EXPLOITDB text VERIFIED
WP-FaceThumb 0.1 - Cross-Site Scripting via Pagination Parameter
Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.
by d3v1l
CVE-2012-2909 EXPLOITDB text
Viscacha 0.8.1.1 - Stored Cross-Site Scripting via Private Messages, Bad Word, Portal, or Topic Fields
Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) text field in the Private Messages System, (2) Bad Word field in Zensur, or (3) Portal or (4) Topic field in Kommentar.
by Vulnerability-Lab
CVE-2012-4281 EXPLOITDB text VERIFIED
Travelon Express 6.2.2 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote attackers to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id parameter to pages.php, (4) fid parameter to admin/airline-edit.php, or (5) cid parameter to admin/customer-edit.php.
by Vulnerability-Lab
CVE-2012-4266 EXPLOITDB text
Proman Xpress 5.0.1 - Cross-Site Scripting via cl_comments Parameter
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.
by Vulnerability-Lab
CVE-2012-2338 EXPLOITDB text VERIFIED
Galette 0.63-0.64rc1 - SQL Injection via id_adh Parameter
SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to picture.php.
by sbz
CVE-2012-4280 EXPLOITDB text VERIFIED
Free Realty 3.1-0.6 - Cross-Site Request Forgery in Agent Editor
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent.
by Vulnerability-Lab
EIP-2026-102392 EXPLOITDB text
Liferay Portal 6.0.x < 6.1 - Privilege Escalation
by Jelmer Kuperus
EIP-2026-118430 EXPLOITDB ruby VERIFIED
Distinct TFTP 3.01 - Writable Directory Traversal Execution (Metasploit)
by Metasploit
EIP-2026-116785 EXPLOITDB perl
AnvSoft Any Video Converter 4.3.6 - Unicode Buffer Overflow
by h1ch4m
CVE-2011-4449 EXPLOITDB ruby VERIFIED
WikkaWiki 1.3.1 and 1.3.2 - Arbitrary PHP Code Execution via File Upload with Multiple Extensions
actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
by Metasploit
CVE-2012-4267 EXPLOITDB text VERIFIED
Sockso < 1.5 - Stored Cross-Site Scripting via User Registration Name Parameter
Cross-site scripting (XSS) vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter.
by Ciaran McNally
CVE-2012-2376 EXPLOITDB php VERIFIED
PHP < 5.4.3 - Remote Code Execution via COM Object VARIANT Type Handling
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
by 0in
CVE-2012-2052 EXPLOITDB php VERIFIED
Adobe Photoshop CS5 12.x-12.0.4 and CS5.1 12.1.x-12.1.0 - Remote Code Execution via U3D Library Collada Asset Element
Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments element.
by rgod
EIP-2026-116118 EXPLOITDB text VERIFIED
QNX phrelay/phindows/phditto - Multiple Vulnerabilities
by Luigi Auriemma
CVE-2012-2765 EXPLOITDB text
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed
by Avinash Tangirala
CVE-2012-2923 EXPLOITDB text
Hypermethod eLearning Server 4G - SQL Injection
SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter.
by Andrey Komarov
EIP-2026-108994 EXPLOITDB text
Kerio WinRoute Firewall Web Server < 6 - Source Code Disclosure
by Andrey Komarov