Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-100329 EXPLOITDB text
Fortinet FortiWeb Web Application Firewall - Policy Bypass
by Geffrey Velasquez
CVE-2012-1990 EXPLOITDB text VERIFIED
Schneider Electric Kerweb < 3.0.1 and Kerwin < 6.0.1 - Cross-Site Scripting via evtvariablename Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvariablename parameter in an evts.xml action to kw.dll, (2) unspecified search fields, or (3) unspecified content-display fields.
by phocean
CVE-2012-2336 EXPLOITDB python VERIFIED
PHP < 5.3.13 and 5.4.x < 5.4.3 - Denial of Service via Malformed CGI Query String
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
by rayh4c
CVE-2012-2576 EXPLOITDB CRITICAL ruby VERIFIED
SolarWinds Backup Profiler < 5.1.2 - SQL Injection via LoginServlet loginName Parameter
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
by Metasploit
CVSS 9.8
EIP-2026-112520 EXPLOITDB text
Symantec Web Gateway - Cross-Site Scripting
by B00y@
CVE-2012-2336 EXPLOITDB ruby VERIFIED
PHP < 5.3.13 and 5.4.x < 5.4.3 - Denial of Service via Malformed CGI Query String
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
by Metasploit
CVE-2012-3837 EXPLOITDB text VERIFIED
Baby Gekko < 1.2.0 - Cross-Site Scripting via Registration Parameters
Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5) firstname, (6) lastname, or (7) verification_code parameter to users/action/register. NOTE: some of these details are obtained from third party information.
by LiquidWorm
CVE-2012-3836 EXPLOITDB text VERIFIED
Baby Gekko < 1.2.0 - Cross-Site Scripting via Multiple Input Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the users module; (2) virtual_filename, (3) branch, (4) contact_person, (5) street, (6) city, (7) province, (8) postal, (9) country, (10) tollfree, (11) phone, (12) fax, or (13) mobile parameter in a saveitem action in the contacts module; (14) title parameter in a savecategory action in the menus module; (15) firstname or (16) lastname in a saveitem action in the users module; (17) meta_key or (18) meta_description in a saveitem action in the blog module; or (19) the PATH_INFO to admin/index.php.
by LiquidWorm
CVE-2012-1775 EXPLOITDB ruby VERIFIED
VLC media player < 2.0.1 - Remote Code Execution via Crafted MMS Stream
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
by Metasploit
EIP-2026-116784 EXPLOITDB python
AnvSoft Any Video Converter 4.3.6 - Local Stack Overflow
by cikumel
CVE-2012-2227 EXPLOITDB text
PluXml < 5.1.5 - Path Traversal via default_lang Parameter
Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.
by High-Tech Bridge SA
CVE-2012-3838 EXPLOITDB text VERIFIED
baby_gekko < 1.2.0 - Unauthenticated Installation Path Exposure via Direct Request
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
by LiquidWorm
EIP-2026-102528 EXPLOITDB text VERIFIED
OpenKM 5.1.7 - Cross-Site Request Forgery
by Cyrill Brunschwiler
CVE-2011-3479 EXPLOITDB text
Symantec pcAnywhere <12.5.3 - Privilege Escalation
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.
by Edward Torkington
EIP-2026-115824 EXPLOITDB c++
Microsoft Windows XP - 'win32k.sys' Local Kernel Denial of Service
by Lufeng Li
CVE-2012-3831 EXPLOITDB text
milesj/decoda < 3.3 - Cross-Site Scripting via img Tag URL
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag.
by RedTeam Pentesting
CVE-2012-1002 EXPLOITDB php VERIFIED
OpenConf < 4.12 - SQL Injection via Author Edit PID Parameter
SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
by EgiX
EIP-2026-101802 EXPLOITDB text VERIFIED
iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting
by Usman Saeed
EIP-2026-100933 EXPLOITDB text
Websense Triton - Multiple Vulnerabilities
by Ben Williams
CVE-2012-3839 EXPLOITDB text VERIFIED
MyClientBase 0.12 - SQL Injection via Invoice Search Parameters
Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search.
by Vulnerability-Lab
CVE-2012-2576 EXPLOITDB CRITICAL python VERIFIED
SolarWinds Backup Profiler < 5.1.2 - SQL Injection via LoginServlet loginName Parameter
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
by muts
CVSS 9.8
CVE-2012-4598 EXPLOITDB ruby VERIFIED
McAfee Virtual Technician <6.4 - RCE
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site.
by Metasploit
CVE-2012-4250 EXPLOITDB html
Samsung NET-i viewer 1.37 - Remote Code Execution via RequestScreenOptimization Function
Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls31.dll in Samsung NET-i viewer 1.37 allows remote attackers to execute arbitrary code via a long string in the first argument.
by blake
CVE-2012-3845 EXPLOITDB python VERIFIED
LAN Messenger 1.2.28 - Denial of Service via Long Initiation Request String
Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote attackers to cause a denial of service (crash) via a long string in an initiation request.
by Julien Ahrens
EIP-2026-114296 EXPLOITDB text VERIFIED
WordPress Plugin Zingiri Web Shop 2.4.2 - Persistent Cross-Site Scripting
by Mehmet Ince