Exploitdb Exploits
50,095 exploits tracked across all sources.
cPanel < 11.25 - Cross-Site Request Forgery (Add User PHP Script)
by ninjashell
Asterisk 1.8.4.1 - SIP 'REGISTER' Request User Enumeration
by Francesco Tornieri
MidiCMS Website Builder - Local File Inclusion / Arbitrary File Upload
by KedAns-Dz
Kryn.cms 0.9 - '_kurl' Cross-Site Scripting
by AutoSec Tools
Extcalendar 2.0b2 - 'cal_search.php' SQL Injection
by High-Tech Bridge SA
eGroupWare 1.8.001.20110421 - Multiple Vulnerabilities
by AutoSec Tools
AWStats Totals 1.0-1.14 - Remote Code Execution via Sort Parameter
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.
by Metasploit
PHP 5.3.3-5.3.6 - Stack-Based Buffer Overflow in socket_connect
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
by Marek Kroemeke
RXS-3211 IP Camera - UDP Packet Password Information Disclosure
by Spare Clock Cycles
BlackBoard Learn 8.0 - 'keywordraw' Cross-Site Scripting
by Matt Jezorek
phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting
by High-Tech Bridge SA
Lumension Security Lumension Device Control 4.x - Memory Corruption
by Andy Davis
Gadu-Gadu Instant Messenger 6.0 - File Transfer Cross-Site Scripting
by Kacper Szczesniak
VisiWave Site Survey < 2.1.9 - Remote Code Execution via Invalid Type Property in VWS/VWR Files
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.
by Metasploit
vBulletin 4.0.x 4.1.2 - 'search.php' SQL Injection
by D4rkB1t
Joomla! Component Map Locator - 'cid' SQL Injection
by FL0RiX
Magix Musik Maker 16 - Buffer Overflow
Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17.
by Metasploit
By Source