Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105495 EXPLOITDB text VERIFIED
Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities
by Stefan Schurtz
EIP-2026-117700 EXPLOITDB c
Norman Security Suite 8 - 'nprosec.sys' Local Privilege Escalation
by Xst3nZ
EIP-2026-112783 EXPLOITDB text VERIFIED
Traq 2.2 - Multiple SQL Injections / Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-104878 EXPLOITDB text VERIFIED
A2CMS - 'index.php' Local File Disclosure
by St493r
CVE-2011-0182 EXPLOITDB c
Apple Mac OS X <10.6.7 - Privilege Escalation
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
by hkpco
EIP-2026-100591 EXPLOITDB text
timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities
by Nathaniel Carew
EIP-2026-119127 EXPLOITDB text VERIFIED
ServersCheck Monitoring Software 8.8.x - Multiple Vulnerabilities
by Vulnerability-Lab
CVE-2011-4045 EXPLOITDB text VERIFIED
ARC Informatique PcVue <10.0 - Buffer Overflow
Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.
by Luigi Auriemma
EIP-2026-113894 EXPLOITDB text VERIFIED
WordPress Plugin Mingle Forum 1.0.31 - SQL Injection
by Miroslav Stampar
EIP-2026-112966 EXPLOITDB text VERIFIED
Vanira CMS - 'vtpidshow' SQL Injection
by kurdish hackers team
EIP-2026-111733 EXPLOITDB text
redmind Online-Shop / E-Commerce-System - SQL Injection
by Indonesian BlackCoder
EIP-2026-108043 EXPLOITDB text
Jarida 1.0 - Multiple Vulnerabilities
by Ptrace Security
CVE-2011-3645 EXPLOITDB text
Newgen OmniDocs - Unauthenticated Permission Bypass via FolderRights or UserIndex Parameter
Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified FolderRights parameter to doccab/doclist.jsp, which leads to arbitrary permission changes; or (2) a modified UserIndex parameter to doccab/userprofile/editprofile.jsp, which selects the settings page of an arbitrary user.
by Sohil Garg
EIP-2026-100695 EXPLOITDB text VERIFIED
Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities
by MustLive
CVE-2011-10014 EXPLOITDB HIGH perl VERIFIED
San Andreas Multiplayer 0.3.1.1 - Stack-based Buffer Overflow via Malformed server.cfg Echo Directive
GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.
by Silent_Dream
EIP-2026-117656 EXPLOITDB perl VERIFIED
Muse Music All-in-One 1.5.0.001 - '.pls' Local Buffer Overflow (DEP Bypass)
by C4SS!0 G0M3S
EIP-2026-116336 EXPLOITDB text VERIFIED
Sterling Trader 7.0.2 - Integer Overflow
by Luigi Auriemma
EIP-2026-115329 EXPLOITDB c VERIFIED
GMER 1.0.15.15641 - MFT Overwrite
by Heurs
EIP-2026-113625 EXPLOITDB text
WordPress Plugin CevherShare 2.0 - SQL Injection
by bd0rk
EIP-2026-113608 EXPLOITDB text VERIFIED
WordPress Plugin BuddyPress 1.2.10 / WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection
by knull
EIP-2026-111864 EXPLOITDB text VERIFIED
S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
by Stefan Schurtz
EIP-2026-108222 EXPLOITDB text VERIFIED
Joomla! Component Biitatemplateshop - 'groups' SQL Injection
by BHG Security Group
EIP-2026-104938 EXPLOITDB text VERIFIED
AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure
by Stefan Schurtz
CVE-2011-3861 EXPLOITDB text VERIFIED
Web Minimalist 200901 < 1.2 - Cross-Site Scripting via PATH_INFO to index.php
Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
by SiteWatch
CVE-2011-3859 EXPLOITDB text VERIFIED
Trending theme < 0.1 - Cross-Site Scripting via cpage Parameter
Cross-site scripting (XSS) vulnerability in the Trending theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.
by SiteWatch