Exploitdb Exploits
50,095 exploits tracked across all sources.
CesarFTP <= 0.99g - Stack-Based Buffer Overflow via MKD Command
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by Metasploit
WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting
by AutoSec Tools
WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting
by AutoSec Tools
WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities
by High-Tech Bridge SA
WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting
by AutoSec Tools
tplSoccerStats - 'player.php' SQL Injection
by AtT4CKxT3rR0r1ST
Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting
by MustLive
course registration management system 2.1 - Multiple Vulnerabilities
by AutoSec Tools
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
by lemlajt
Solar FTP Server < 2.1.1 - Denial of Service via USER Command Format String
Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition.
by x000
Mozilla Firefox 3.5.x-3.5.14 and 3.6.x-3.6.11 - Remote Code Execution via nsCSSFrameConstructor
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
by Metasploit
CVSS 9.8
WinMerge 2.12.4 - Project File Handling Stack Overflow
by LiquidWorm
WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting
by High-Tech Bridge SA
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
by Aung Khant
IBM Lotus Sametime - Stored Cross-Site Scripting via stcenter.nsf authReasonCode Parameter
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
by andrew
By Source