Exploitdb Exploits
50,095 exploits tracked across all sources.
PHP < 5.3.6 - Denial of Service via Empty ZIP Archive in Zip Extension
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.
by Maksymilian Arciemowicz
RealPlayer 11.0-11.1 and RealPlayer SP 1.0-1.1.4 - Remote Code Execution via CDDA URI Parsing
An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI.
by Metasploit
Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions
by LiquidWorm
WordPress Plugin Sodahead Polls 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
WordPress Plugin Rating-Widget 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities
by Todor Donev
ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution
by Todor Donev
WikiWig 5.01 - Cross-Site Scripting via SpellChecker Module Parameters
Multiple cross-site scripting (XSS) vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) to_p_dict or (2) to_r_list parameter. NOTE: this issue might be related to the htmlarea plugin and CVE-2013-5670.
by AutoSec Tools
pointter PHP content management system 1.2 - Multiple Vulnerabilities
by LiquidWorm
LotusCMS 3.0.3 - Multiple Vulnerabilities
by High-Tech Bridge SA
Oracle Java SE/Jav for Bus <6 - Info Disclosure
Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.
by Metasploit
Adobe ColdFusion <9.0.1 - Path Traversal
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
by Metasploit
CVSS 9.8
HP OpenView Performance Insight Server <5.4 - RCE
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
by Metasploit
SugarCRM < 6.1.3 - Authenticated Information Disclosure via ShowDuplicates Action
SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php.
by RedTeam Pentesting GmbH
VideoLAN VLC Media Player 1.0.5 - '.ape' Denial of Service
by KedAns-Dz
Foxit PDF Reader < 4.3.1.0218 - Code Injection
Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code execution the next time the system boots or the user logs in.
by Metasploit
By Source