Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108501 EXPLOITDB text
Joomla! Component com_qcontacts 1.0.6 - SQL Injection
by Don
CVE-2011-4834 EXPLOITDB bash VERIFIED
HP Application Lifestyle Management 11 - Privilege Escalation via /tmp/tmp.txt Symlink Attack
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.
by anonymous
CVE-2011-4836 EXPLOITDB text VERIFIED
HomeSeer HS2 2.5.0.20 - Cross-Site Scripting via Crafted URI
Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI.
by Silent Dream
CVE-2011-10013 EXPLOITDB CRITICAL php VERIFIED
Traq Project Issue Tracking System 2.0-2.3 - Unauthenticated Remote Code Execution via Admin Plugin Injection
Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.
by EgiX
EIP-2026-116087 EXPLOITDB text VERIFIED
PowerDVD 11.0.0.2114 - Remote Denial of Service
by Luigi Auriemma
EIP-2026-112355 EXPLOITDB text
SourceBans 1.4.8 - SQL Injection / Local File Inclusion Injection
by Havok
EIP-2026-112254 EXPLOITDB python
SMF 2.0.1 - SQL Injection / Privilege Escalation
by The:Paradox
EIP-2026-110979 EXPLOITDB text
phpBB MyPage Plugin - SQL Injection
by CrazyMouse
EIP-2026-110664 EXPLOITDB text VERIFIED
PHP City Portal Script Software - SQL Injection
by Don
CVE-2011-5130 EXPLOITDB ruby VERIFIED
Family Connections CMS 2.5.0-2.7.1 - Remote Code Execution via dev/less.php argv[1] Parameter
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.
by Metasploit
CVE-2011-5057 EXPLOITDB text VERIFIED
Apache Struts 2.0.0-2.3.1.2 and 2.3.19-2.3.23 - Session Tampering via Unrestricted Interface Access
Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
by Hisato Killing
CVE-2011-5261 EXPLOITDB text VERIFIED
Axis M10 Series Network Cameras Firmware < 5.21 - Cross-Site Scripting via pageTitle Parameter
Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the pageTitle parameter to admin/showReport.shtml.
by Matt Metzger
CVE-2011-4595 EXPLOITDB MEDIUM text VERIFIED
Caseproof Prettylinks - XSS
Pretty-Link WordPress plugin 1.5.2 has XSS
by Am!r
CVSS 6.1
EIP-2026-112111 EXPLOITDB text VERIFIED
Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload
by HELLBOY
EIP-2026-105130 EXPLOITDB text
Alstrasoft EPay Enterprise 4.0 - Blind SQL Injection
by Don
CVE-2011-2189 EXPLOITDB HIGH text VERIFIED
Linux Kernel < 2.6.32 - Denial of Service via Network Namespace Creation
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
by Serge Hallyn
CVSS 7.5
CVE-2011-5044 EXPLOITDB text
SopCast 3.4.7.45585 - Unauthenticated Arbitrary Code Execution via Weak Diagnose.exe Permissions
SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program.
by LiquidWorm
EIP-2026-116277 EXPLOITDB python
SopCast 3.4.7 - 'sop://' URI Handling Remote Stack Buffer Overflow (PoC)
by LiquidWorm
EIP-2026-116233 EXPLOITDB text VERIFIED
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass
by Luigi Auriemma
EIP-2026-109394 EXPLOITDB text
Meditate Web Content Editor 'username_input' - SQL Injection
by Stefan Schurtz
CVE-2011-4918 EXPLOITDB text VERIFIED
Elxis CMS 2009.2-2009.3 Aphrodite < r2684 - Cross-Site Scripting via Task Parameter and PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS 2009.2, 2009.3 and 2009.3 Aphrodite before revision 2684 allow remote attackers to inject arbitrary web script or HTML via the (1) task parameter to elxis/index.php, and (2) PATH_INFO to elxis/administrator/index.php.
by Ewerson Guimaraes
CVE-2011-4918 EXPLOITDB text VERIFIED
Elxis CMS 2009.2-2009.3 Aphrodite < r2684 - Cross-Site Scripting via Task Parameter and PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS 2009.2, 2009.3 and 2009.3 Aphrodite before revision 2684 allow remote attackers to inject arbitrary web script or HTML via the (1) task parameter to elxis/index.php, and (2) PATH_INFO to elxis/administrator/index.php.
by Ewerson Guimaraes
EIP-2026-101010 EXPLOITDB perl
D-Link DNS-320 ShareCenter - Remote Reboot/Shutdown/Reset (Denial of Service)
by rigan
CVE-2011-5130 EXPLOITDB php VERIFIED
Family Connections CMS 2.5.0-2.7.1 - Remote Code Execution via dev/less.php argv[1] Parameter
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.
by mr_me
CVE-2011-5170 EXPLOITDB ruby VERIFIED
CCMPlayer 1.5 - Remote Code Execution via Long Track Name in m3u Playlist
Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 allows remote attackers to execute arbitrary code via a long track name in an m3u playlist.
by Metasploit