Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-5075 EXPLOITDB php
Support Incident Tracker 3.45-3.65 - Information Disclosure via translate.php save action
translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path.
by EgiX
CVE-2011-5109 EXPLOITDB text
Freelancer Calendar < 1.01 - SQL Injection via SearchField Parameter
Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to (1) category_list.php, (2) Copy_of_calendar_list.php, (3) customer_statistics_list.php, (4) customer_list.php, and (5) task_statistics_list.php in the worldcalendar directory.
by muuratsalo
CVE-2011-5110 EXPLOITDB text
Blogs Manager < 1.101 - SQL Injection via SearchField Parameter
Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to (1) _authors_list.php, (2) _blogs_list.php, (3) _category_list.php, (4) _comments_list.php, (5) _policy_list.php, (6) _rate_list.php, (7) categoriesblogs_list.php, (8) chosen_authors_list.php, (9) chosen_blogs_list.php, (10) chosen_comments_list.php, and (11) help_list.php in blogs/.
by muuratsalo
EIP-2026-105222 EXPLOITDB text
ARASTAR - SQL Injection
by TH3_N3RD
CVE-2009-1523 EXPLOITDB text VERIFIED
Jetty 5.1.14 6.x < 6.1.17 and 7.x <= 7.0.0.M2 - Path Traversal via URI
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
by Alexey Sintsov
EIP-2026-118611 EXPLOITDB text VERIFIED
GoAhead Web Server 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities
by Prabhu S Angadi
EIP-2026-116409 EXPLOITDB python
Thunder Kankan Player 4.8.3.840 - Stack Overflow / Denial of Service
by hellok
CVE-2010-5193 EXPLOITDB ruby VERIFIED
Viscom Image Viewer CP Pro/Gold <8.0-6.0 - Buffer Overflow
Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.
by Metasploit
CVE-2010-5194 EXPLOITDB ruby VERIFIED
Viscom Image Viewer <8.0 - Buffer Overflow
Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter.
by Metasploit
CVE-2011-5105 EXPLOITDB text VERIFIED
ManageEngine ADSelfService Plus 4.5 Build 4521 - Cross-Site Scripting via EmployeeSearch.cc Parameters
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a different vulnerability than CVE-2010-3274.
by James webb
CVE-2011-5106 EXPLOITDB text VERIFIED
Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting via edit-post.php id Parameter
Cross-site scripting (XSS) vulnerability in edit-post.php in the Flexible Custom Post Type plugin before 0.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by Am!r
EIP-2026-113277 EXPLOITDB text VERIFIED
webERP 4.3.8 - Multiple Script URI Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-113276 EXPLOITDB text VERIFIED
webERP 4.3.8 - '/reportwriter/ReportMaker.php?reportid' SQL Injection
by High-Tech Bridge SA
EIP-2026-113275 EXPLOITDB text VERIFIED
webERP 4.3.8 - '/reportwriter/FormMaker.php?ReportID' SQL Injection
by High-Tech Bridge SA
CVE-2011-5012 EXPLOITDB ruby
Attachmate Reflection - Heap-based Buffer Overflow via Long Directory Name in FTP LIST Response
Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command.
by Francis Provencher
EIP-2026-113320 EXPLOITDB text VERIFIED
Webistry 1.6 - 'pid' SQL Injection
by CoBRa_21
CVE-2011-5147 EXPLOITDB text VERIFIED
FreeWebshop < 2.2.9 - Remote Code Execution via Ajax File Manager
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php.
by EgiX
EIP-2026-102588 EXPLOITDB python VERIFIED
FleaHttpd - Remote Denial of Service
by condis
CVE-2011-5262 EXPLOITDB text
SonicWALL Aventail SRA EX - SQL Injection via prodpage.cfm CategoryID Parameter
SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.
by Asheesh kumar
CVE-2011-5005 EXPLOITDB text VERIFIED
QuiXplorer < 2.3 - Unauthenticated Arbitrary File Upload and Remote Code Execution via index.php
Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory.
by PCA
CVE-2011-4801 EXPLOITDB text
Authenex Strong Authentication System Server 3.1.0.2-3.1.0.3 SQL Injection via Username Parameter
SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System (ASAS) Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter.
by Jose Carlos de Arriba
CVE-2010-5081 EXPLOITDB ruby VERIFIED
Mini-Stream RM-MP3 Converter 3.1.2.1 - Buffer Overflow
Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file.
by Metasploit
CVE-2012-5049 EXPLOITDB text VERIFIED
Optimalog Optima PLC < 1.5.2 - Denial of Service via Malformed Packet
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
by Luigi Auriemma
CVE-2011-4671 EXPLOITDB text VERIFIED
AdRotate < 3.6.8 - SQL Injection via Track Parameter
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).
by Miroslav Stampar
CVE-2011-4710 EXPLOITDB text
Pixie CMS 1.01-1.04 - SQL Injection via pixie_user Parameter or Referer Header
Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the (1) pixie_user parameter and (2) Referer HTTP header in a request to the default URI.
by Piranha