Exploitdb Exploits
50,095 exploits tracked across all sources.
Real player 14.0.2.633 - Buffer Overflow (Denial of Service) (PoC)
by ^Xecuti0N3r
GOM Media Player 2.1.6.3499 - Buffer Overflow (Denial of Service) (PoC)
by ^Xecuti0N3r
InTerra Blog Machine 1.84 - Cross-Site Scripting via Subject Parameter
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
by High-Tech Bridge SA
Feng Office 1.7.3.3 - Cross-Site Request Forgery
by High-Tech Bridge SA
AR Web Content Manager 2.1, 2.2 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the search parameter.
by Antu Sanadi
Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani News 1.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
by AtT4CKxT3rR0r1ST
Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
NetBSD 4.0-5.1.1 - Memory Corruption
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
by Tavis Ormandy
Microsoft Windows Media Player 11.0.5721.5145 - '.avi' Buffer Overflow
by ^Xecuti0N3r
PHPBoost 3.0 - Unauthenticated Sensitive Information Exposure via Predictable Backup Filenames
PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain backup SQL files via a direct request for predictable filenames in cache/backup/.
by KedAns-Dz
InTerra Blog Machine 1.84 - Cross-Site Scripting via Subject Parameter
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
by High-Tech Bridge SA
Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities
by High-Tech Bridge SA
Media Player Classic Home Cinema 1.5.0.2827 - '.avi' Denial of Service (PoC)
by BraniX
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
by Pr@fesOr X
ICloudCenter ICJobSite <1.1 - SQL Injection
SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by RoAd_KiLlEr
GuppY 4.6.14 - 'lng' Multiple SQL Injections
by kurdish hackers team
By Source