Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-4802 EXPLOITDB text VERIFIED
Dolibarr < 3.1.0 - Authenticated SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php.
by High-Tech Bridge SA
CVE-2011-4802 EXPLOITDB text VERIFIED
Dolibarr < 3.1.0 - Authenticated SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php.
by High-Tech Bridge SA
CVE-2011-4802 EXPLOITDB text VERIFIED
Dolibarr < 3.1.0 - Authenticated SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php.
by High-Tech Bridge SA
CVE-2011-4814 EXPLOITDB text VERIFIED
Dolibarr < 3.1.0 - Cross-Site Scripting via PATH_INFO and optioncss Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) admin/boxes.php, (3) comm/clients.php, (4) commande/index.php; and the optioncss parameter to (5) admin/ihm.php and (6) user/home.php.
by High-Tech Bridge SA
CVE-2011-4089 EXPLOITDB c VERIFIED
bzip2 < 1.0.5 - Local Arbitrary Code Execution via Temporary File Handling
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
by vladz
EIP-2026-117588 EXPLOITDB text VERIFIED
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation (MS10-073)
by instruder
CVE-2010-0822 EXPLOITDB ruby VERIFIED
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability."
by Metasploit
CVE-2011-5165 EXPLOITDB ruby VERIFIED
Free MP3 CD Ripper <= 2.6 - Stack-based Buffer Overflow via Crafted WAV File
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
by Metasploit
EIP-2026-112544 EXPLOITDB text VERIFIED
TA.CMS (TeachArabia) - 'lang' Traversal Local File Inclusion
by CoBRa_21
EIP-2026-112543 EXPLOITDB text VERIFIED
TA.CMS (TeachArabia) - 'index.php?id' SQL Injection
by CoBRa_21
CVE-2011-4541 EXPLOITDB text VERIFIED
Hastymail2 2.1.1 - Cross-Site Scripting via rs Parameter in Drafts Action
Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote attackers to inject arbitrary web script or HTML via the rs parameter in a mailbox Drafts action.
by HTrovao
CVE-2011-1591 EXPLOITDB python
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
by ipv
CVE-2011-5006 EXPLOITDB ruby
QQPlayer 3.2.845 - Stack-based Buffer Overflow via MOV File PnSize Value
Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file.
by hellok
CVE-2011-4404 EXPLOITDB text
VMware vCenter Update Manager - Directory Traversal and Arbitrary File Read
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.
by Alexey Sintsov
EIP-2026-115832 EXPLOITDB c
Microsoft Winows 7 - Keyboard Layout Blue Screen of Death (MS10-073)
by instruder
CVE-2011-5182 EXPLOITDB text VERIFIED
Lanoba Social Plugin 1.0 - Cross-Site Scripting via Action Parameter
Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating "Lanoba's plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user's behalf.
by Amir
CVE-2011-5107 EXPLOITDB text VERIFIED
Alert Before Your Post < 0.1.1 - Cross-Site Scripting via Name Parameter
Cross-site scripting (XSS) vulnerability in post_alert.php in Alert Before Your Post plugin, possibly 0.1.1 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter.
by Am!r
CVE-2011-4618 EXPLOITDB text VERIFIED
Advanced Text Widget Plugin < 2.0.1 - Cross-Site Scripting via Page Parameter
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
by Amir
CVE-2011-4926 EXPLOITDB text VERIFIED
Adminimize < 1.7.22 - Cross-Site Scripting via Page Parameter
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
by Am!r
CVE-2010-0356 EXPLOITDB ruby VERIFIED
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow via DrawText strFontName Parameter
Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method.
by Metasploit
EIP-2026-106446 EXPLOITDB text VERIFIED
Digital Attic Foundation CMS - 'id' SQL Injection
by tempe_mendoan
CVE-2011-4337 EXPLOITDB php
Support Incident Tracker 3.45-3.65 - Remote Code Execution via Lang Parameter in translate.php
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
by EgiX
CVE-2011-3360 EXPLOITDB ruby VERIFIED
Wireshark <1.4.9, <1.6.2 - Privilege Escalation
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
by Metasploit
CVE-2011-4673 EXPLOITDB text
Jetpack - SQL Injection via id Parameter
SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
by longrifle0x
CVE-2011-4672 EXPLOITDB text
Valid tiny-erp < 1.6 - SQL Injection via SearchField Parameter
Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to (1) _partner_list.php, (2) proioncategory_list.php, (3) _rantevou_list.php, (4) syncategory_list.php, (5) synallasomenos_list.php, (6) ypelaton_list.php, and (7) yproion_list.php.
by muuratsalo