Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114508 EXPLOITDB text VERIFIED
YaPiG 0.95 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-113203 EXPLOITDB text VERIFIED
Web Auction 0.3.6 - 'lang' Cross-Site Scripting
by AutoSec Tools
EIP-2026-112687 EXPLOITDB text
Time and Expense Management System - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-111973 EXPLOITDB text VERIFIED
SelectaPix 1.4.1 - 'uploadername' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-107620 EXPLOITDB text VERIFIED
Horizon Web Builder - 'fshow.php' SQL Injection
by Iolo Morganwg
EIP-2026-107462 EXPLOITDB text VERIFIED
GoT.MY (Multiple Products) - 'theme_dir' Cross-Site Scripting
by Hector.x90
EIP-2026-107261 EXPLOITDB html
Front Accounting 2.3.4 - Cross-Site Request Forgery
by AutoSec Tools
EIP-2026-106684 EXPLOITDB text VERIFIED
E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting
by High-Tech Bridge SA
CVE-2011-0761 EXPLOITDB perl VERIFIED
Perl 5.10.x DoS via NULL Pointer Dereference in getpeername, readdir, closedir, getsockname, rewinddir, tell, or telldir
Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.
by Jonathan Brossard
EIP-2026-100883 EXPLOITDB text VERIFIED
Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting
by Karan Khosla
EIP-2026-118986 EXPLOITDB perl VERIFIED
OpenMyZip 0.1 - '.zip' Remote Buffer Overflow
by C4SS!0 G0M3S
EIP-2026-112789 EXPLOITDB text VERIFIED
Travel411 - SQL Injection
by Caddy-Dz
EIP-2026-110483 EXPLOITDB text VERIFIED
Parnian Opendata CMS - SQL Injection
by Alexander
EIP-2026-109083 EXPLOITDB text VERIFIED
LDAP Account Manager 3.4.0 - 'selfserviceSaveOk' Cross-Site Scripting
by AutoSec Tools
EIP-2026-106967 EXPLOITDB html
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
by outlaw.dll
EIP-2026-103864 EXPLOITDB text VERIFIED
Asterisk 1.8.x - SIP INVITE Request User Enumeration
by Francesco Tornieri
EIP-2026-102390 EXPLOITDB text VERIFIED
LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting
by Patrick Webster
EIP-2026-112568 EXPLOITDB text VERIFIED
TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injections
by AutoSec Tools
CVE-2011-10024 EXPLOITDB HIGH ruby VERIFIED
MJM Core Player 2011 - Buffer Overflow
MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.
by Metasploit
CVE-2011-10023 EXPLOITDB HIGH ruby VERIFIED
MJM QuickPlayer 2010 - Stack-based Buffer Overflow via Malicious S3M File
MJM QuickPlayer (also known as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file.
by Metasploit
EIP-2026-112696 EXPLOITDB text VERIFIED
Tine 2.0 - 'vbook.php' Cross-Site Scripting
by AutoSec Tools
CVE-2011-0978 EXPLOITDB python VERIFIED
Microsoft Excel - Memory Corruption
Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability."
by webDEViL
EIP-2026-111068 EXPLOITDB text VERIFIED
phpGraphy 0.9.13b - Multiple Vulnerabilities
by High-Tech Bridge SA
CVE-2011-1760 EXPLOITDB text VERIFIED
OProfile < 0.9.6 - Local Privilege Escalation via Eval Injection in opcontrol
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.
by Stephane Chauveau
EIP-2026-100570 EXPLOITDB text
SOOP Portal Raven 1.0b - SQL Injection
by Evil-Thinker