Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-101326 EXPLOITDB text
iphone ishred 1.93 - Directory Traversal
by Khashayar Fereidani
EIP-2026-101324 EXPLOITDB text
iPhone Guitar - Directory Traversal
by Khashayar Fereidani
EIP-2026-100696 EXPLOITDB text VERIFIED
Alcassoft's SOPHIA CMS - SQL Injection
by p0pc0rn
CVE-2006-2961 EXPLOITDB ruby VERIFIED
CesarFTP <= 0.99g - Stack-Based Buffer Overflow via MKD Command
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by Metasploit
EIP-2026-114290 EXPLOITDB text
WordPress Plugin Z-Vote 1.1 - SQL Injection
by High-Tech Bridge SA
EIP-2026-114289 EXPLOITDB text VERIFIED
WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting
by AutoSec Tools
EIP-2026-113820 EXPLOITDB text VERIFIED
WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting
by AutoSec Tools
EIP-2026-113638 EXPLOITDB text VERIFIED
WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-113636 EXPLOITDB text VERIFIED
WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting
by AutoSec Tools
EIP-2026-113094 EXPLOITDB text VERIFIED
VidiScript - SQL Injection
by ThEtA.Nu
EIP-2026-112762 EXPLOITDB text VERIFIED
tplSoccerStats - 'player.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-111552 EXPLOITDB python
ProQuiz 2.0.0b - Arbitrary File Upload
by AutoSec Tools
EIP-2026-107688 EXPLOITDB text VERIFIED
Hyena Cart - 'index.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-106593 EXPLOITDB text VERIFIED
Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting
by MustLive
EIP-2026-106193 EXPLOITDB text
course registration management system 2.1 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-105496 EXPLOITDB text VERIFIED
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
by lemlajt
EIP-2026-102729 EXPLOITDB text VERIFIED
RedHat Linux - Stickiness of /tmp
by Tavis Ormandy
CVE-2011-10029 EXPLOITDB HIGH perl VERIFIED
Solar FTP Server < 2.1.1 - Denial of Service via USER Command Format String
Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition.
by x000
CVE-2010-3765 EXPLOITDB CRITICAL ruby VERIFIED
Mozilla Firefox 3.5.x-3.5.14 and 3.6.x-3.6.11 - Remote Code Execution via nsCSSFrameConstructor
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
by Metasploit
CVSS 9.8
EIP-2026-116554 EXPLOITDB python VERIFIED
WinMerge 2.12.4 - Project File Handling Stack Overflow
by LiquidWorm
EIP-2026-113783 EXPLOITDB text VERIFIED
WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-112960 EXPLOITDB text VERIFIED
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
by Aung Khant
CVE-2011-1106 EXPLOITDB text VERIFIED
IBM Lotus Sametime - Stored Cross-Site Scripting via stcenter.nsf authReasonCode Parameter
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
by andrew
EIP-2026-107329 EXPLOITDB text
Galilery 1.0 - Local File Inclusion
by lemlajt
EIP-2026-106556 EXPLOITDB text
dotProject 2.1.5 - Multiple Vulnerabilities
by lemlajt