Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106782 EXPLOITDB text
eFront 3.6.10 (build 11944) - Multiple Vulnerabilities
by EgiX
CVE-2011-10014 EXPLOITDB HIGH ruby VERIFIED
San Andreas Multiplayer 0.3.1.1 - Stack-based Buffer Overflow via Malformed server.cfg Echo Directive
GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.
by Metasploit
EIP-2026-119303 EXPLOITDB text VERIFIED
XAMPP 1.7.4 - Cross-Site Scripting
by Sangteamtham
EIP-2026-113156 EXPLOITDB text VERIFIED
vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities (2)
by LiquidWorm
CVE-2008-6132 EXPLOITDB ruby VERIFIED
phpScheduleIt <1.2.10 - Code Injection
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.
by Metasploit
CVE-2011-5185 EXPLOITDB text
Online Subtitles Workshop < 2.0 - Cross-Site Scripting via Comment Parameter
Cross-site scripting (XSS) vulnerability in video_comments.php in Online Subtitles Workshop before 2.0 rev 131 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.
by M.Jock3R
EIP-2026-103023 EXPLOITDB text VERIFIED
Trend Micro IWSS 3.1 - Local Privilege Escalation
by Buguroo Offensive Security
CVE-2011-3315 EXPLOITDB text VERIFIED
Cisco Unified Communications Manager 5.x-8.x Path Traversal via Crafted URL
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
by Sandro Gauci
EIP-2026-115001 EXPLOITDB perl
BlueZone Desktop - Multiple Malformed Files Local Denial of Service Vulnerabilities
by Silent_Dream
CVE-2011-4075 EXPLOITDB ruby VERIFIED
phpLDAPadmin < 1.2.2 - Remote Code Execution via Orderby Parameter
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011.
by Metasploit
EIP-2026-108608 EXPLOITDB text
Joomla! Component com_yjcontactus - Local File Inclusion
by MeGo
EIP-2026-105124 EXPLOITDB text VERIFIED
Alsbtain Bulletin 1.5/1.6 - Multiple Local File Inclusions
by Null H4ck3r
CVE-2011-10015 EXPLOITDB CRITICAL ruby VERIFIED
Cytel Studio <9.0 - Buffer Overflow
Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (256 bytes) without proper bounds checking. Exploitation allows arbitrary code execution when the crafted file is opened.
by Metasploit
EIP-2026-119419 EXPLOITDB ruby VERIFIED
SAP Management Console - OSExecute Payload Execution (Metasploit)
by Metasploit
EIP-2026-119005 EXPLOITDB html VERIFIED
Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method
by rgod
EIP-2026-116643 EXPLOITDB python
zFTPServer - 'cwd/stat' Remote Denial of Service
by Myo Soe
EIP-2026-114999 EXPLOITDB perl VERIFIED
BlueZone - '.zft' File Local Denial of Service
by Iolo Morganwg
EIP-2026-107902 EXPLOITDB text VERIFIED
InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities
by Amir Expl0its
CVE-2011-1513 EXPLOITDB text VERIFIED
e107 < 0.7.24 - Remote Code Execution via MySQL Server Name Injection
Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
by Matt Bergin
CVE-2011-1985 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Privilege Escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability."
by KiDebug
CVSS 7.1
CVE-2011-4075 EXPLOITDB php VERIFIED
phpLDAPadmin < 1.2.2 - Remote Code Execution via Orderby Parameter
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011.
by EgiX
CVE-2011-4094 EXPLOITDB CRITICAL text
jara 1.6 - SQL Injection
Jara 1.6 has a SQL injection vulnerability.
by muuratsalo
CVSS 9.8
EIP-2026-107901 EXPLOITDB text
InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)
by EjRaM HaCkEr
EIP-2026-104677 EXPLOITDB java
phpLDAPadmin 0.9.4b - Denial of Service
by Alguien
EIP-2026-103481 EXPLOITDB text VERIFIED
Google Chrome - Denial of Service
by Prashant Uniyal