Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114111 EXPLOITDB text VERIFIED
WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting
by Am!r
CVE-2011-4362 EXPLOITDB text VERIFIED
lighttpd 1.4-1.4.29 - Denial of Service via Base64 Decode Integer Signedness Error
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index.
by pi3
CVE-2011-5203 EXPLOITDB text VERIFIED
Akiva WebBoard < 8.0 - SQL Injection via WB/Default.asp Name Parameter
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information.
by Alexander Fuchs
EIP-2026-109893 EXPLOITDB text VERIFIED
Neturf eCommerce Shopping Cart - 'searchFor' Cross-Site Scripting
by farbodmahini
CVE-2011-5200 EXPLOITDB text VERIFIED
DeDeCMS - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.
by CWH & Nafsh
CVE-2011-5204 EXPLOITDB text VERIFIED
Akiva WebBoard 8.x - Plaintext Password Storage
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database.
by Alexander Fuchs
CVE-2011-5053 EXPLOITDB text
Wi-Fi Protected Setup Protocol - Improper Authentication via EAP-NACK Message Handling
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or reconfigure an access point, by reading EAP-NACK messages.
by cheffner
CVE-2011-5026 EXPLOITDB text VERIFIED
Winn GuestBook < 2.4.8d - Cross-Site Scripting via Name Parameter
Cross-site scripting (XSS) vulnerability in the addPost function in data/functions.php in Winn GuestBook before 2.4.8d allows remote attackers to inject arbitrary web script or HTML via the name parameter to index.php. NOTE: some of these details are obtained from third party information.
by G13
CVE-2011-5023 EXPLOITDB text VERIFIED
Pligg CMS 1.1.4 - Cross-Site Scripting via PATH_INFO to Search Program
Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the search program, a different vulnerability than CVE-2011-3986.
by SiteWatch
CVE-2011-5022 EXPLOITDB text VERIFIED
Pligg CMS 1.1.2 - SQL Injection via Status Parameter
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via the status parameter.
by SiteWatch
CVE-2011-5140 EXPLOITDB text VERIFIED
DiY-CMS blog module 1.0 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index.php, (d) main_index.php, (e) viewpost.php, (f) archive.php, (g) control/approve_comments.php, (h) control/approve_posts.php, and (i) control/viewcat.php; and the (2) month and (3) year parameters to archive.php.
by snup
CVE-2012-0045 EXPLOITDB text VERIFIED
Linux Kernel < 3.2.14 - Denial of Service via KVM em_syscall Opcode Handling
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.
by Stephan Sattler
EIP-2026-116483 EXPLOITDB python VERIFIED
VideoLAN VLC Media Player 1.1.11 - libav 'libavcodec_plugin.dll' Denial of Service
by Mitchell Adair
CVE-2011-5148 EXPLOITDB php
mod_simplefileupload < 1.3.5 - Remote Code Execution via Incomplete Blacklist Bypass
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a (1) php5, (2) php6, or (3) double (e.g. .php.jpg) extension, then accessing it via a direct request to the file in images/, as exploited in the wild in January 2012.
by gmda
CVE-2011-5052 EXPLOITDB ruby VERIFIED
CoCSoft Stream Down 6.8.0 - Stack-Based Buffer Overflow via Long Download Response
Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitrary code via a long response to a download request.
by Fady Mohammed Osman
EIP-2026-113879 EXPLOITDB text VERIFIED
WordPress Plugin Mailing List - Arbitrary File Download
by 6Scan
EIP-2026-107214 EXPLOITDB text
Free Image Hosting Script - Arbitrary File Upload
by ySecurity
CVE-2011-4862 EXPLOITDB c VERIFIED
GNU inetutils < 1.9 - Remote Code Execution via Long Encryption Key
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
by NighterMan & BatchDrake
EIP-2026-102694 EXPLOITDB text VERIFIED
Nagios Plugins check_ups - Local Buffer Overflow (PoC)
by Stefan Schurtz
CVE-2011-5161 EXPLOITDB text
OpenEMR 4 - Unauthenticated Arbitrary PHP File Upload via Patient Photograph Feature
Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the patient directory under documents/.
by Level
CVE-2011-5160 EXPLOITDB text
OpenEMR 4 - Cross-Site Scripting via Site Parameter
Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.
by Level
CVE-2012-2115 EXPLOITDB text
OpenEMR < 4.1.0 - SQL Injection via User Parameter
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the u parameter.
by Level
EIP-2026-116107 EXPLOITDB python VERIFIED
Putty 0.60 - Crash (PoC)
by Level
CVE-2011-5049 EXPLOITDB python
MySQL 5.5.8 - Denial of Service via Crafted Packet
MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
by Level
EIP-2026-115807 EXPLOITDB python VERIFIED
Microsoft Windows Media Player 11.0.5721.5262 - Remote Denial of Service
by Level