Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-5167 EXPLOITDB html VERIFIED
Oracle Hyperion Strategic Finance < 12.0 - Remote Code Execution via ActiveX SetDevNames
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter.
by rgod
CVE-2007-4517 EXPLOITDB text
Oracle Database Server - Authenticated Buffer Overflow in XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure
Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument.
by David Maman
CVE-2011-5166 EXPLOITDB ruby
KnFTP 1.0.0 - Remote Code Execution via Multiple Stack-Based Buffer Overflows
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
by pasta
CVE-2011-4810 EXPLOITDB text VERIFIED
WHMCompleteSolution 3.x-4.x - Unauthenticated Path Traversal via Template File Parameter
Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php.
by ZxH-Labs
EIP-2026-112245 EXPLOITDB text VERIFIED
SmartJobBoard - 'keywords' Cross-Site Scripting
by Mr.PaPaRoSSe
CVE-2011-5183 EXPLOITDB text VERIFIED
OrderSys <= 1.6.4 - SQL Injection via where_clause Parameter
Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier allow remote attackers to execute arbitrary SQL commands via the where_clause parameter to (1) index.php, (2) index_long.php, or (3) index_short.php in ordering/interface_creator/.
by muuratsalo
EIP-2026-109059 EXPLOITDB text VERIFIED
LabStoRe 1.5.4 - SQL Injection
by muuratsalo
EIP-2026-104958 EXPLOITDB text VERIFIED
Admin Bot - 'news.php' SQL Injection
by baltazar
EIP-2026-102908 EXPLOITDB c VERIFIED
Linux Kernel 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure
by Vasiliy Kulikov
EIP-2026-102415 EXPLOITDB text
Oracle NoSQL 11g 1.1.100 R2 - 'log' Directory Traversal
by Buherátor
CVE-2011-0105 EXPLOITDB ruby VERIFIED
MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability."
by Metasploit
CVE-2011-4825 EXPLOITDB php VERIFIED
Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
CVE-2011-4825 EXPLOITDB php VERIFIED
Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
CVE-2011-4825 EXPLOITDB php VERIFIED
Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
EIP-2026-102796 EXPLOITDB c VERIFIED
Calibre E-Book Reader - Local Privilege Escalation (3)
by zx2c4
EIP-2026-119377 EXPLOITDB text VERIFIED
HP Data Protector Media Operations 6.20 - Directory Traversal
by Luigi Auriemma
CVE-2009-5109 EXPLOITDB ruby VERIFIED
Mini-Stream Ripper 3.0.1.1 - Stack-Based Buffer Overflow via .pls File
Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file.
by Metasploit
EIP-2026-115652 EXPLOITDB text VERIFIED
Microsoft Excel 2003 11.8335.8333 - Use-After-Free
by Luigi Auriemma
EIP-2026-114310 EXPLOITDB text VERIFIED
WordPress Theme Bonus 1.0 - 's' Cross-Site Scripting
by 3spi0n
CVE-2011-4813 EXPLOITDB text
WHMCompleteSolution 3.x.x - Path Traversal via clientarea.php templatefile Parameter
Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templatefile parameter.
by red virus
CVE-2011-4431 EXPLOITDB text VERIFIED
Merethis Centreon < 2.3.2 - Authenticated Path Traversal via Command Name Parameter
Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.
by Christophe de la Fuente
CVE-2011-4825 EXPLOITDB text VERIFIED
Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
by EgiX
EIP-2026-104992 EXPLOITDB text
Advanced Poll 2.02 - SQL Injection
by Yassin Aboukir
CVE-2011-3336 EXPLOITDB HIGH php VERIFIED
PHP 5.3.0-5.3.9 - Denial of Service via Stack Exhaustion in regcomp
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
by Maksymilian Arciemowicz
CVSS 7.5
EIP-2026-102906 EXPLOITDB c
Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak
by Todor Donev