Exploitdb Exploits
50,095 exploits tracked across all sources.
YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Web Auction 0.3.6 - 'lang' Cross-Site Scripting
by AutoSec Tools
Time and Expense Management System - Multiple Vulnerabilities
by AutoSec Tools
SelectaPix 1.4.1 - 'uploadername' Cross-Site Scripting
by High-Tech Bridge SA
Horizon Web Builder - 'fshow.php' SQL Injection
by Iolo Morganwg
GoT.MY (Multiple Products) - 'theme_dir' Cross-Site Scripting
by Hector.x90
E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting
by High-Tech Bridge SA
Perl 5.10.x DoS via NULL Pointer Dereference in getpeername, readdir, closedir, getsockname, rewinddir, tell, or telldir
Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.
by Jonathan Brossard
Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting
by Karan Khosla
OpenMyZip 0.1 - '.zip' Remote Buffer Overflow
by C4SS!0 G0M3S
LDAP Account Manager 3.4.0 - 'selfserviceSaveOk' Cross-Site Scripting
by AutoSec Tools
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
by outlaw.dll
Asterisk 1.8.x - SIP INVITE Request User Enumeration
by Francesco Tornieri
LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting
by Patrick Webster
TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections
by AutoSec Tools
MJM Core Player 2011 - Buffer Overflow
MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.
by Metasploit
MJM QuickPlayer 2010 - Stack-based Buffer Overflow via Malicious S3M File
MJM QuickPlayer (also known as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file.
by Metasploit
Tine 2.0 - 'vbook.php' Cross-Site Scripting
by AutoSec Tools
Microsoft Excel - Memory Corruption
Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability."
by webDEViL
phpGraphy 0.9.13b - Multiple Vulnerabilities
by High-Tech Bridge SA
OProfile < 0.9.6 - Local Privilege Escalation via Eval Injection in opcontrol
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.
by Stephane Chauveau
By Source