Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114868 EXPLOITDB text VERIFIED
Adobe Reader/Acrobat 10.0.1 - Denial of Service
by Soroush Dalili
EIP-2026-105759 EXPLOITDB text
Catalog Builder eCommerce Software - Blind SQL Injection
by takeshix
EIP-2026-109745 EXPLOITDB php VERIFIED
MyBloggie 2.1.6 - HTML Injection / SQL Injection
by Robin Verton
EIP-2026-109483 EXPLOITDB text VERIFIED
miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-107222 EXPLOITDB text VERIFIED
Free Simple CMS 1.0 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-105162 EXPLOITDB text VERIFIED
AMHSHOP 3.7.0 - SQL Injection
by Yassin Aboukir
CVE-2010-3271 EXPLOITDB text VERIFIED
IBM WebSphere Application Server <7.0.0.13 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do.
by Core Security
EIP-2026-117646 EXPLOITDB ruby
MPlayer - '.SAMI' Subtitle File Buffer Overflow (DEP Bypass) (Metasploit)
by James Fitts
CVE-2011-2641 EXPLOITDB html VERIFIED
Opera 11.11 - Denial of Service via FONT FACE Attribute in IFRAME
Opera 11.11 allows remote attackers to cause a denial of service (application crash) by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value.
by echo
EIP-2026-115808 EXPLOITDB text
Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)
by Nicolas Krassas
EIP-2026-115751 EXPLOITDB text VERIFIED
Microsoft Office XP - Remote code Execution
by Francis Provencher
CVE-2011-1872 EXPLOITDB text VERIFIED
Microsoft Windows Server <2008 Gold-SP1 - DoS
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability."
by Core Security
EIP-2026-112980 EXPLOITDB text VERIFIED
vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities
by Mr.ThieF
EIP-2026-106269 EXPLOITDB text
cubecart 2.0.7 - Multiple Vulnerabilities
by Shamus
CVE-2011-2202 EXPLOITDB text VERIFIED
PHP < 5.3.7 - Path Traversal and Arbitrary File Write via Multipart Form-Data Filename
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
by Krzysztof Kotowicz
EIP-2026-103610 EXPLOITDB html VERIFIED
Opera Web Browser 11.11 - Denial of Service
by echo
EIP-2026-102573 EXPLOITDB c
Conky Linux 1.8.0 - Local Denial of Service (PoC)
by Arturo D'Elia
EIP-2026-117584 EXPLOITDB VERIFIED
Microsoft Windows XP - 'tskill' Local Privilege Escalation
by Todor Donev
EIP-2026-113280 EXPLOITDB text VERIFIED
WebFileExplorer 3.6 - 'user' / 'pass' SQL Injection
by pentesters.ir
EIP-2026-110876 EXPLOITDB perl VERIFIED
PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (2)
by pentesters.ir
EIP-2026-110875 EXPLOITDB php VERIFIED
PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (1)
by pentesters.ir
EIP-2026-108851 EXPLOITDB text VERIFIED
Joomla! Component Scriptegrator 1.5 - Local File Inclusion
by jdc
EIP-2026-108788 EXPLOITDB text VERIFIED
Joomla! Component Minitek FAQ Book 1.3 - 'id' SQL Injection
by kaMtiEz
EIP-2026-104378 EXPLOITDB text VERIFIED
Oracle HTTP Server - Cross-Site Scripting Header Injection
by Yasser ABOUKIR
EIP-2026-100432 EXPLOITDB text VERIFIED
Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection
by Mark Lachniet