Exploitdb Exploits
50,095 exploits tracked across all sources.
Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities
by Stefan Schurtz
Norman Security Suite 8 - 'nprosec.sys' Local Privilege Escalation
by Xst3nZ
Traq 2.2 - Multiple SQL Injections / Cross-Site Scripting
by High-Tech Bridge SA
Apple Mac OS X <10.6.7 - Privilege Escalation
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
by hkpco
timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities
by Nathaniel Carew
ServersCheck Monitoring Software 8.8.x - Multiple Vulnerabilities
by Vulnerability-Lab
ARC Informatique PcVue <10.0 - Buffer Overflow
Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.
by Luigi Auriemma
WordPress Plugin Mingle Forum 1.0.31 - SQL Injection
by Miroslav Stampar
Vanira CMS - 'vtpidshow' SQL Injection
by kurdish hackers team
redmind Online-Shop / E-Commerce-System - SQL Injection
by Indonesian BlackCoder
Newgen OmniDocs - Unauthenticated Permission Bypass via FolderRights or UserIndex Parameter
Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified FolderRights parameter to doccab/doclist.jsp, which leads to arbitrary permission changes; or (2) a modified UserIndex parameter to doccab/userprofile/editprofile.jsp, which selects the settings page of an arbitrary user.
by Sohil Garg
Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities
by MustLive
San Andreas Multiplayer 0.3.1.1 - Stack-based Buffer Overflow via Malformed server.cfg Echo Directive
GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.
by Silent_Dream
Muse Music All-in-One 1.5.0.001 - '.pls' Local Buffer Overflow (DEP Bypass)
by C4SS!0 G0M3S
WordPress Plugin BuddyPress 1.2.10 / WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection
by knull
S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
by Stefan Schurtz
Joomla! Component Biitatemplateshop - 'groups' SQL Injection
by BHG Security Group
AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure
by Stefan Schurtz
Web Minimalist 200901 < 1.2 - Cross-Site Scripting via PATH_INFO to index.php
Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
by SiteWatch
Trending theme < 0.1 - Cross-Site Scripting via cpage Parameter
Cross-site scripting (XSS) vulnerability in the Trending theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.
by SiteWatch
By Source