Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103238 EXPLOITDB text VERIFIED
Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities
by QSecure
CVE-2011-1591 EXPLOITDB python VERIFIED
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
by sickness
EIP-2026-114463 EXPLOITDB text VERIFIED
XOOPS 2.5 - 'imagemanager.php' Local File Inclusion
by KedAns-Dz
EIP-2026-108480 EXPLOITDB text VERIFIED
Joomla! Component com_phocadownload - Local File Inclusion
by KedAns-Dz
EIP-2026-110396 EXPLOITDB text
osPHPSite - SQL Injection
by vir0e5
CVE-2007-1397 EXPLOITDB perl
fish - Stack-Based Buffer Overflow in ExtractRnick and decrypt_topic_332 Functions
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.
by Caleb James DeLisle
CVE-2011-0611 EXPLOITDB HIGH ruby VERIFIED
Adobe Flash Player < 10.2.154.27 - Remote Code Execution via Crafted Flash Content
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
by Metasploit
CVSS 8.8
CVE-2009-0565 EXPLOITDB ruby
Microsoft Office Word 2000 SP3, 2002 SP3, 2007 SP1-SP2 - Remote Code Execution via Malformed Record
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability."
by Andrew King
EIP-2026-112014 EXPLOITDB text VERIFIED
Shape Web Solutions CMS - SQL Injection
by Ashiyane Digital Security Team
EIP-2026-105827 EXPLOITDB text VERIFIED
ChillyCMS 1.2.1 - Multiple Remote File Inclusions
by KedAns-Dz
EIP-2026-105556 EXPLOITDB text VERIFIED
Blue Hat - Sensitive Database Disclosure / SQL Injection
by ^Xecuti0N3r
EIP-2026-105437 EXPLOITDB text VERIFIED
Bedder CMS - Blind SQL Injection
by ^Xecuti0N3r
EIP-2026-104846 EXPLOITDB text VERIFIED
4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections
by KedAns-Dz
EIP-2026-100566 EXPLOITDB text
SoftXMLCMS - Arbitrary File Upload
by Alexander
EIP-2026-112611 EXPLOITDB text VERIFIED
TextAds 2.08 Script - Cross-Site Scripting
by Ashiyane Digital Security Team
EIP-2026-111839 EXPLOITDB text VERIFIED
RunCMS Module Partners - 'id' SQL Injection
by KedAns-Dz
EIP-2026-110593 EXPLOITDB text VERIFIED
PhoenixCMS 1.7 - Local File Inclusion / SQL Injection
by KedAns-Dz
EIP-2026-106223 EXPLOITDB text
cPassMan 1.82 - Arbitrary File Download
by Sense of Security
EIP-2026-105021 EXPLOITDB text VERIFIED
Agahi Advertisement CMS 4.0 - 'view_ad.php' SQL Injection
by Sepehr Security Team
EIP-2026-104453 EXPLOITDB text VERIFIED
SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion / Edit
by bitform
EIP-2026-101463 EXPLOITDB text VERIFIED
Technicolor THOMSON TG585v7 Wireless Router - 'url' Cross-Site Scripting
by Edgard Chammas
CVE-2011-5155 EXPLOITDB c VERIFIED
Help & Manual 5.5.1 Build 1296 - Privilege Escalation
Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of these details are obtained from third party information.
by LiquidWorm
EIP-2026-117910 EXPLOITDB perl VERIFIED
SimplyPlay 66 - '.pls' Local Buffer Overflow
by C4SS!0 G0M3S
EIP-2026-111619 EXPLOITDB text VERIFIED
Qianbo Enterprise Web Site Management System - 'Keyword' Cross-Site Scripting
by d3c0der
EIP-2026-110920 EXPLOITDB text VERIFIED
PhpAlbum.net 0.4.1-14_fix06 - 'var3' Remote Command Execution
by High-Tech Bridge SA