Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118879 EXPLOITDB c VERIFIED
Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by Kalashinkov3
EIP-2026-111863 EXPLOITDB text VERIFIED
S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
by Stefan Schurtz
CVE-2011-1944 EXPLOITDB text VERIFIED
libxml2 <2.6.32 & 2.7.8 - DoS/Code Injection
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
by Chris Evans
EIP-2026-101028 EXPLOITDB python
iPhone4 FTP Server 1.0 - Empty CWD-RETR Remote Crash
by offsetIntruder
EIP-2026-100991 EXPLOITDB perl
Brother HL-5370DW - series Authentication Bypass printer flooder
by chrisB
EIP-2026-100386 EXPLOITDB text VERIFIED
Kentico CMS 5.5R2.23 - 'userContextMenu_Parameter' Cross-Site Scripting
by LiquidWorm
CVE-2013-0657 EXPLOITDB ruby VERIFIED
Schneider Electric IGSS <10 - Buffer Overflow
Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.
by Metasploit
EIP-2026-113167 EXPLOITDB php
w-Agora Forum 4.2.1 - Arbitrary File Upload
by Treasure Priyamal
EIP-2026-107535 EXPLOITDB text VERIFIED
Guru JustAnswer Professional 1.25 - Multiple SQL Injections
by v3n0m
EIP-2026-106698 EXPLOITDB php
Easy Media Script - SQL Injection
by Lagripe-Dz
EIP-2026-106177 EXPLOITDB text VERIFIED
Cotonti 0.9.2 - Multiple SQL Injections
by KedAns-Dz
CVE-2012-2765 EXPLOITDB text VERIFIED
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed
by Aodrulez
CVE-2011-0922 EXPLOITDB python VERIFIED
HP Data Protector - Remote Code Execution via EXEC_SETUP Command
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
by fdiskyou
EIP-2026-111596 EXPLOITDB text
Puzzle Apps CMS 3.2 - Local File Inclusion
by Treasure Priyamal
EIP-2026-108413 EXPLOITDB text VERIFIED
Joomla! Component com_joomnik - SQL Injection
by SOLVER
EIP-2026-107939 EXPLOITDB text
Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion
by Treasure Priyamal
CVE-2011-0923 EXPLOITDB python VERIFIED
HP Data Protector - Remote Code Execution via EXEC_CMD Argument Injection
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
by fdiskyou
EIP-2026-115930 EXPLOITDB text VERIFIED
NetVault: SmartDisk 1.2 - 'libnvbasics.dll' Remote Denial of Service
by Luigi Auriemma
EIP-2026-108401 EXPLOITDB text
Joomla! Component com_jmsfileseller - Local File Inclusion
by Valentin
EIP-2026-107536 EXPLOITDB text VERIFIED
Guru Penny Auction Pro 3.0 - Blind SQL Injection
by v3n0m
EIP-2026-106603 EXPLOITDB text
Duhok Forum 1.1 - SQL Injection
by M.Jock3R
EIP-2026-103906 EXPLOITDB text VERIFIED
Gadu-Gadu 10.5 - Remote Code Execution
by Kacper Szczesniak
CVE-2011-10021 EXPLOITDB HIGH ruby VERIFIED
Magix Musik Maker 16 - Buffer Overflow
Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17.
by Alexey Sintsov
EIP-2026-119044 EXPLOITDB c VERIFIED
Poison Ivy 2.3.2 - Remote Buffer Overflow
by Kevin R.V
EIP-2026-118735 EXPLOITDB html
Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute
by boahat