Exploitdb Exploits
50,095 exploits tracked across all sources.
Mozilla Firefox <3.5.19 & SeaMonkey <2.0.14 - Use After Free
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.
by Rh0
CiscoKits 1.0 - TFTP Server Directory Traversal
by SecPod Research
threedify designer 5.0.2 - Multiple Vulnerabilities
by High-Tech Bridge SA
CiscoKits 1.0 - TFTP Server 'Write Command' Denial of Service
by SecPod Research
Social Slider < 7.4.0 - SQL Injection via rA Array Parameter
SQL injection vulnerability in social-slider-2/ajax.php in the Social Slider plugin before 7.4.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the rA array parameter.
by Miroslav Stampar
WordPress Plugin ProPlayer 4.7.7 - SQL Injection
by Miroslav Stampar
Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities
by Net.Edit0r
OpenSLP - Denial of Service via Extension Parser Infinite Loop
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
by Nicolas Gregoire
Oracle Sun GlassFish Enterprise Server <3.0.1 - Info Disclosure
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.
by Metasploit
HP Data Protector - Remote Code Execution via EXEC_CMD Argument Injection
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
by Adrian Puente Z.
FreeAmp 2.0.7 - '.fat' Local Buffer Overflow (Metasploit)
by James Fitts
ABBS Electronic Flashcards 2.1 - Local Buffer Overflow (Metasploit)
by James Fitts
ABBS Audio Media Player 3.0 - Local Buffer Overflow (Metasploit)
by James Fitts
WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting
by High-Tech Bridge SA
DZYGroup CMS Portal - Multiple SQL Injections
by Netrondoank
Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting
by PontoSec
Webster HTTP Server - Remote Code Execution via Long URL
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
by Metasploit
Zinf <2.2.1 - Remote Code Execution
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
by C4SS!0 & h1ch4m
Omnicom Alpha 4.0e LPD Server - Denial of Service
by Craig Freyman
TimThumb < 2.0 - Remote Code Execution via Domain Whitelist Bypass
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011.
by MaXe
Joomla! Component com_xeslidegalfx - 'id' SQL Injection
by Ne0 H4ck3R
By Source