Exploitdb Exploits
50,095 exploits tracked across all sources.
Pandora FMS 3.x - 'index.php' Cross-Site Scripting
by mehdi boukazoula
DV Cart Shopping Cart software - SQL Injection
by Eyup CELIK
Concrete 5.4.1 1 - 'rcID' Cross-Site Scripting
by Aung Khant
OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting
by mr.pr0n
HP Easy Printer Care Software < 2.5 - Remote Code Execution via HPTicketMgr.dll ActiveX Control
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787.
by Metasploit
Freefloat FTP Server - 'ALLO' Remote Buffer Overflow
by Black.Spook
WordPress Plugin UnGallery 1.5.8 - Local File Disclosure
by Miroslav Stampar
WordPress < 2.8.1 - Username Enumeration via Failed Login Behavior
WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."
by Tiago Ferreira & Heyder Andrade
Axis Commerce (E-Commerce System) - Persistent Cross-Site Scripting
by Eyup CELIK
Apache HTTP Server 1.3.x 2.0.35-2.0.64 2.2.0-2.2.19 - Denial of Service via Range Header Overlap
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
by kingcope
Symantec AntiVirus < 9.0 and 10.0-10.1 - Remote Code Execution via Crafted Packet
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
by Metasploit
Symantec System Center Alert Management System - 'hndlrsvc.exe' Arbitrary Command Execution (Metasploit)
by Metasploit
Xlight FTP Server 3.7 - Remote Buffer Overflow
by KedAns-Dz
Oracle Secure Backup 10.3.0.1 - Info Disclosure
Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integrity via unknown vectors.
by Metasploit
PHP < 5.3.7 - Denial of Service via Malloc Return Value Mismanagement
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function.
by Maksymilian Arciemowicz
Apache Struts 2.0.0-2.1.8.1 - Remote Code Execution via OGNL Context Variable Manipulation
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.
by Metasploit
GIGAPOD OfficeHard <3.04.03, GIGAPOD 2010/3 <3.01.02 - DoS via Apache HTTP Request Handling
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation.
8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.
by kingcope
CVSS 7.5
By Source