Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-1938 EXPLOITDB php VERIFIED
PHP 5.3.3-5.3.6 - Stack-Based Buffer Overflow in socket_connect
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
by Jonathan Salwan
CVE-2010-3333 EXPLOITDB HIGH text VERIFIED
Microsoft Office - Stack-based Buffer Overflow via Crafted RTF Data
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."
by Snake
CVSS 7.8
CVE-2011-0611 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 10.2.154.27 - Remote Code Execution via Crafted Flash Content
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
by Snake
CVSS 8.8
CVE-2009-2521 EXPLOITDB ruby
Microsoft Internet Information Services 5.0-7.0 - Authenticated Denial of Service via FTP List Command
Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability."
by Myo Soe
EIP-2026-115165 EXPLOITDB python VERIFIED
Donar Player 2.8.0 - Denial of Service
by X-h4ck
EIP-2026-111028 EXPLOITDB text VERIFIED
phpDealerLocator - Multiple SQL Injections
by Robert Cooper
EIP-2026-100312 EXPLOITDB text VERIFIED
eTAWASOL - 'id' SQL Injection
by Bl4ck.Viper
EIP-2026-100272 EXPLOITDB text VERIFIED
DMXReady Registration Manager 1.2 - SQL Injection
by Bellatrix
EIP-2026-100268 EXPLOITDB text VERIFIED
DmxReady News Manager 1.2 - SQL Injection
by Bellatrix
EIP-2026-100262 EXPLOITDB text VERIFIED
DmxReady Faqs Manager 1.2 - SQL Injection
by Bellatrix
EIP-2026-100260 EXPLOITDB text VERIFIED
DmxReady Document Library Manager 1.2 - SQL Injection
by Bellatrix
EIP-2026-100258 EXPLOITDB text VERIFIED
DmxReady Contact Us Manager 1.2 - SQL Injection
by Bellatrix
EIP-2026-100256 EXPLOITDB text VERIFIED
DmxReady Catalog Manager 1.2 - SQL Injection
by Bellatrix
EIP-2026-100252 EXPLOITDB text VERIFIED
DmxReady Bilboard 1.2 - SQL Injection
by Bellatrix
CVE-2011-1865 EXPLOITDB python VERIFIED
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
by muts & dookie
EIP-2026-100471 EXPLOITDB text VERIFIED
Paliz Portal - Cross-Site Scripting / Multiple SQL Injections
by Net.Edit0r
CVE-2011-1865 EXPLOITDB ruby VERIFIED
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
by Metasploit
EIP-2026-113502 EXPLOITDB text VERIFIED
WordPress Core 3.1.3 - SQL Injection
by SEC Consult
EIP-2026-110025 EXPLOITDB text VERIFIED
Ollance Member Login Script - Multiple Vulnerabilities
by $#4d0\/\/[r007k17]
CVE-2008-6149 EXPLOITDB text VERIFIED
com_mdigg 2.2.8 - SQL Injection via cagtegory Parameter
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php.
by Caddy Dz
CVE-2011-1656 EXPLOITDB c VERIFIED
NetBSD 5.1 - 'libc/net' Multiple Stack Buffer Overflows
by Maksymilian Arciemowicz
CVE-2011-10020 EXPLOITDB HIGH perl
Kaillera Server < 0.86 - Unauthenticated Denial of Service via Malformed UDP Packet
Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server’s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability.
by Sil3nt_Dre4m
CVE-2011-1866 EXPLOITDB text VERIFIED
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.
by Core Security
EIP-2026-103929 EXPLOITDB c VERIFIED
IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution
by Tim Brown
EIP-2026-102732 EXPLOITDB perl
Rhythmbox - '.m3u' Local Crash (PoC)
by Caddy-Dz