Exploitdb Exploits
50,095 exploits tracked across all sources.
Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH)
by LiquidWorm
ZenPhoto 1.4.0.3 - '_zp_themeroot' Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
SyCtel Design - 'menu' Multiple Local File Inclusions
by Ashiyane Digital Security Team
LightNEasy 3.2.3 - 'userhandle' Cookie SQL Injection
by AutoSec Tools
Yahoo! CD Player - ActiveX Control 'open()' Method Stack Buffer Overflow
by shinnai
SocialCMS 1.0.2 - Cross-Site Request Forgery in Administrator Account Management
Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to my_admin/admin1_members.php or (2) modify the default site title via a save action to my_admin/admin1_configuration.php.
by vir0e5
docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
Automagick Tube Script 1.4.4 - 'module' Cross-Site Scripting
by Kurd-Team
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
by Metasploit
Adobe Flash Player
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
by Abysssec
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
by Metasploit
IBM Tivoli Directory Server 5.2-6.3 - Remote Code Execution via Crafted LDAP Request
Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) allows remote attackers to execute arbitrary code via a crafted LDAP request. NOTE: some of these details are obtained from third party information.
by Francis Provencher
WordPress Plugin WP-StarsRateBox 1.1 - 'j' SQL Injection
by High-Tech Bridge SA
webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections
by eXeSoul
dalbum 1.43 - Multiple Vulnerabilities
by High-Tech Bridge SA
Dalbum 1.43 - 'editini.php' Cross-Site Scripting
by High-Tech Bridge SA
CRESUS - 'recette_detail.php' SQL Injection
by GrayHatz Security Group
ChatLakTurk PHP Botlu Video - 'ara.php' Cross-Site Scripting
by kurdish hackers team
Oracle JD Edwards EnterpriseOne <8.98.4.1 - Info Disclosure
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
by Juan Manuel Garcia
Oracle JD Edwards EnterpriseOne <8.98.4.1 - Info Disclosure
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
by Juan Manuel Garcia
Oracle JD Edwards EnterpriseOne <8.98.4.1 - Info Disclosure
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
by Juan Manuel Garcia
Oracle JD Edwards EnterpriseOne <8.98.4.1 - Info Disclosure
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
by Juan Manuel Garcia
Oracle JD Edwards EnterpriseOne <8.98.4.1 - Info Disclosure
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
by Juan Manuel Garcia
By Source