Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-5331 EXPLOITDB CRITICAL ruby VERIFIED
Distributed Ruby <1.8 - Code Injection
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.
by Metasploit
CVSS 9.8
EIP-2026-119291 EXPLOITDB text
wodWebServer.NET 1.3.3 - Directory Traversal
by AutoSec Tools
EIP-2026-118554 EXPLOITDB perl VERIFIED
FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow
by KedAns-Dz
EIP-2026-115229 EXPLOITDB perl VERIFIED
eXPert PDF Batch Creator 7.0.880.0 - Denial of Service
by KedAns-Dz
EIP-2026-115153 EXPLOITDB perl VERIFIED
DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities
by KedAns-Dz
EIP-2026-113265 EXPLOITDB text VERIFIED
webEdition CMS 6.1.0.2 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-112158 EXPLOITDB text VERIFIED
SimplisCMS 1.0.3.0 - Multiple Vulnerabilities
by NassRawI
EIP-2026-110336 EXPLOITDB text VERIFIED
OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-Site Scripting
by AutoSec Tools
EIP-2026-105790 EXPLOITDB text VERIFIED
Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections
by MustLive
EIP-2026-104060 EXPLOITDB perl VERIFIED
RealPlayer 11 - '.rmp' Remote Buffer Overflow
by KedAns-Dz
CVE-2010-3275 EXPLOITDB ruby VERIFIED
VideoLAN VLC Media Player <1.1.8 - RCE
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
by Metasploit
EIP-2026-107043 EXPLOITDB text
Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection
by LiquidWorm
CVE-2010-1555 EXPLOITDB ruby VERIFIED
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
by Metasploit
EIP-2026-107041 EXPLOITDB text VERIFIED
Family Connections 2.3.2 - 'subject' HTML Injection
by Zero Science Lab
CVE-2011-0267 EXPLOITDB ruby VERIFIED
HP OpenView Network Node Manager 7.51, 7.53 - Remote Code Execution via Long schdParams or nameParams
Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.
by Metasploit
CVE-2010-1553 EXPLOITDB ruby VERIFIED
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
by Metasploit
CVE-2010-1554 EXPLOITDB ruby VERIFIED
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
by Metasploit
EIP-2026-114958 EXPLOITDB python
Avaya IP Office Manager 8.1 TFTP - Denial of Service
by Craig Freyman
EIP-2026-112527 EXPLOITDB text VERIFIED
SyndeoCMS 2.8.02 - Multiple Vulnerabilities (2)
by High-Tech Bridge SA
EIP-2026-111774 EXPLOITDB text VERIFIED
Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injections
by High-Tech Bridge SA
EIP-2026-109882 EXPLOITDB text VERIFIED
netjukebox 4.01B/5.25 - 'skin' Cross-Site Scripting
by AutoSec Tools
EIP-2026-109368 EXPLOITDB text VERIFIED
MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities
by MustLive
EIP-2026-107477 EXPLOITDB text VERIFIED
GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-Site Scripting Vulnerabilities
by Dionach
CVE-2011-5330 EXPLOITDB CRITICAL ruby VERIFIED
Distributed Ruby <1.8 - Buffer Overflow
Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.
by Metasploit
CVSS 9.8
CVE-2011-0545 EXPLOITDB text
Symantec LiveUpdate Administrator < 2.3 - Cross-Site Request Forgery via adduser.do
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter.
by Nikolas Sotiriu