Exploitdb Exploits
50,095 exploits tracked across all sources.
Subtitle Processor 7.7.1 - Buffer Overflow
Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code.
by Metasploit
NetOp Remote Control Client 9.5 - Stack-based Buffer Overflow via .dws Configuration File
NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.
by chap0
WordPress Plugin WP Photo Album 1.5.1 - 'id' Cross-Site Scripting
by High-Tech Bridge SA
WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
phpGraphy 0.9.13b - 'theme_dir' Cross-Site Scripting
by High-Tech Bridge SA
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files
by Alberto Ortega
ClanSphere 2011.0 - Local File Inclusion / Arbitrary File Upload
by KedAns-Dz
libmodplug <0.8.8.3 - Buffer Overflow
Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.
by epiphant
BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Subtitle Processor 7.7.1 - Buffer Overflow
Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code.
by Brandon Murphy
EMC HomeBase Server 6.2.x < 6.2.3 and 6.3.x < 6.3.2 - Path Traversal and Arbitrary File Write
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.
by Metasploit
up.time Software 5 - Administration Interface Remote Authentication Bypass
by James Burton
Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities
by Emilio Pinna
Cisco Unified Communications Manager <6.1.5su2-8.5.1 - SQL Injection
SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647.
by Alberto Revelli
WordPress Plugin WP Ajax Recent Posts 1.0.1 - 'do' Cross-Site Scripting
by High-Tech Bridge SA
WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection
by Ma3sTr0-Dz
phpList 2.10.x - 'email' Cross-Site Scripting
by High-Tech Bridge SA
PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting
by High-Tech Bridge SA
Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
html-edit CMS 3.1.x - 'html_output' Cross-Site Scripting
by KedAns-Dz
By Source