Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116159 EXPLOITDB perl
Real player 14.0.2.633 - Buffer Overflow (Denial of Service) (PoC)
by ^Xecuti0N3r
EIP-2026-115339 EXPLOITDB perl
GOM Media Player 2.1.6.3499 - Buffer Overflow (Denial of Service) (PoC)
by ^Xecuti0N3r
CVE-2011-1670 EXPLOITDB text VERIFIED
InTerra Blog Machine 1.84 - Cross-Site Scripting via Subject Parameter
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
by High-Tech Bridge SA
EIP-2026-107072 EXPLOITDB text VERIFIED
Feng Office 1.7.3.3 - Cross-Site Request Forgery
by High-Tech Bridge SA
CVE-2011-1668 EXPLOITDB text VERIFIED
AR Web Content Manager 2.1, 2.2 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the search parameter.
by Antu Sanadi
EIP-2026-105113 EXPLOITDB html
Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
EIP-2026-105112 EXPLOITDB html
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
EIP-2026-105109 EXPLOITDB html
Allomani News 1.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
EIP-2026-105108 EXPLOITDB html
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
EIP-2026-105107 EXPLOITDB html
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
by AtT4CKxT3rR0r1ST
EIP-2026-105105 EXPLOITDB html
Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
CVE-2011-1547 EXPLOITDB c VERIFIED
NetBSD 4.0-5.1.1 - Memory Corruption
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
by Tavis Ormandy
EIP-2026-115857 EXPLOITDB python VERIFIED
MoviePlay 4.82 - '.avi' Buffer Overflow
by ^Xecuti0N3r
EIP-2026-115806 EXPLOITDB perl VERIFIED
Microsoft Windows Media Player 11.0.5721.5145 - '.avi' Buffer Overflow
by ^Xecuti0N3r
CVE-2011-1665 EXPLOITDB text
PHPBoost 3.0 - Unauthenticated Sensitive Information Exposure via Predictable Backup Filenames
PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain backup SQL files via a direct request for predictable filenames in cache/backup/.
by KedAns-Dz
CVE-2011-1670 EXPLOITDB text VERIFIED
InTerra Blog Machine 1.84 - Cross-Site Scripting via Subject Parameter
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
by High-Tech Bridge SA
EIP-2026-106059 EXPLOITDB text VERIFIED
Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities
by High-Tech Bridge SA
EIP-2026-115601 EXPLOITDB python VERIFIED
Media Player Classic Home Cinema 1.5.0.2827 - '.avi' Denial of Service (PoC)
by BraniX
EIP-2026-114501 EXPLOITDB text VERIFIED
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
by Pr@fesOr X
EIP-2026-114500 EXPLOITDB text
YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities
by Pr@fesOr X
EIP-2026-111335 EXPLOITDB text
Pligg CMS 1.1.3 - Multiple Vulnerabilities
by Jelmer de Hen
EIP-2026-107953 EXPLOITDB text VERIFIED
IrIran Shoping Script - SQL Injection
by Net.Edit0r
CVE-2011-1557 EXPLOITDB text VERIFIED
ICloudCenter ICJobSite <1.1 - SQL Injection
SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by RoAd_KiLlEr
EIP-2026-107530 EXPLOITDB text VERIFIED
GuppY 4.6.14 - 'lng' Multiple SQL Injections
by kurdish hackers team
EIP-2026-105466 EXPLOITDB text
BigACE 2.7.5 - Arbitrary File Upload
by Net.Edit0r