Exploitdb Exploits
50,095 exploits tracked across all sources.
ABBS Electronic Flash Cards 2.1 - '.fcd' Local Buffer Overflow
by h1ch4m
ABBS Audio Media Player 3.0 - '.lst' Local Buffer Overflow (SEH)
by h1ch4m
ABBS Audio Media Player - '.m3u' / '.LST' Local Buffer Overflow
by Rh0
BoutikOne - 'search.php' Multiple SQL Injections
by cdx.security
BoutikOne - 'rss_top10.php?lang' SQL Injection
by cdx.security
BoutikOne - 'rss_promo.php?lang' SQL Injection
by cdx.security
BoutikOne - 'rss_news.php?lang' SQL Injection
by cdx.security
BoutikOne - 'rss_flash.php?lang' SQL Injection
by cdx.security
BoutikOne - 'categorie.php?path' SQL Injection
by cdx.security
Trend Micro WebReputation API 10.5 - URI SecURIty Bypass
by DcLabs Security Research Group
Linux Kernel < 2.6.36.1 - Information Disclosure via TIOCGICOUNT ioctl
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
by prdelka
SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities
by Hoyt LLC Research
Apple Safari < 5.0 - Use-After-Free via Attribute Manipulation
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.
by MJ Keith
PHP < 5.3.6 - Denial of Service and Memory Disclosure via shmop_read Integer Overflow
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
by Jose Carlos Norte
Accellion File Transfer Appliance MPIPE2 - Command Execution (Metasploit)
by Metasploit
Constructr CMS 3.03 - Multiple Remote Vulnerabilities
by LiquidWorm
Oracle WebLogic Server Servlet Container - Confidentiality and Integrity Impact
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container.
by Roberto Suggi Liverani
SmarterStats 6.0 - Multiple Vulnerabilities
by Hoyt LLC Research
By Source