Exploitdb Exploits
50,095 exploits tracked across all sources.
Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection
by Inj3ct0r
Mozilla Firefox <3.5.19 & SeaMonkey <2.0.14 - Use After Free
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.
by mr_me
WordPress Plugin IP-Logger 3.0 - SQL Injection
by Miroslav Stampar
Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass
by Elouafiq Ali
SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities
by Houssam Sahli
shttpd 1.42 - Stack-based Buffer Overflow in _shttpd_put_dir Function
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
by nion
phpList 2.10.x - Security Bypass / Information Disclosure
by Davide Canali
awiki 20100125 - Multiple Local File Inclusions
by muuratsalo
Prediction Football 2.51 - Cross-Site Request Forgery
by Smith Falcon
Microsoft Windows MPEG Layer-3 Audio Codecs - Remote Code Execution via Crafted AVI File
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."
by Metasploit
D.R. Software Audio Converter 8.1 - DEP Bypass
by C4SS!0 G0M3S
shttpd 1.42 - Stack-based Buffer Overflow in _shttpd_put_dir Function
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
by G13
TeeChart Professional ActiveX Control 2010.0.0.3 - Trusted Integer Dereference (Metasploit)
by Metasploit
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass
by C4SS!0 G0M3S
PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion
by RiRes Walid
Adobe RoboHelp 9 - DOM Cross-Site Scripting
by Roberto Suggi Liverani
Mozilla Firefox <3.5.19 & SeaMonkey <2.0.14 - Use After Free
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.
by Metasploit
Bisonware FTP Server < 4.1 - Buffer Overflow via Long USER LIST or CWD Commands
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
by localh0t
A-PDF All to MP3 2.3.0 - Universal DEP Bypass
by C4SS!0 G0M3S
WordPress Plugin eShop 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
By Source