Exploitdb Exploits
50,095 exploits tracked across all sources.
Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile
by rgod
Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC)
by loneferret
SportsPHool 1.0 - Remote File Inclusion via mainnav Parameter
PHP remote file inclusion vulnerability in includes/layout/plain.footer.php in SportsPHool 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the mainnav parameter.
by cr4wl3r
Dell Quest One Password Manager - Unauthenticated Information Disclosure via CAPTCHA Bypass
The Dell Quest One Password Manager, possibly 5.0, allows remote attackers to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid domain and username but without the CaptchaType, UseCaptchaEveryTime, and CaptchaResponse parameters.
by Johnny Bravo
OCS Inventory NG < 2.0.1 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Nicolas DEROUET
Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting
by loneferret
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow
by DiGMi
Oracle DataDirect - Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Buffer Overflows (PoC)
by rgod
Uiga Personal Portal - Multiple Vulnerabilities
by Eyup CELIK
Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
osCommerce - Arbitrary File Upload / File Disclosure
by indoushka
Innovate Portal 2.0 - 'cat' Cross-Site Scripting
by Eyup CELIK
fims File Management System 1.2.1a - Multiple Vulnerabilities
by Skraps
Metasploit Web UI 4.1.0 - Persistent Cross-Site Scripting
by Stefan Schurtz
Splunk 4.1.6 - 'segment' Cross-Site Scripting
by Filip Palian
Splunk 4.1.6 Web Component - Remote Denial of Service
by Filip Palian
HP Power Manager <4.2.10 - Buffer Overflow
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
by Metasploit
Pre Studio Business Cards Designer - SQL Injection via Page ID Parameter
SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter.
by dr_zig
Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting
by Stefan Schurtz
By Source