Exploitdb Exploits
50,095 exploits tracked across all sources.
Battlefield 2/2142 - Packet Null Pointer Dereference Remote Denial of Service
by Luigi Auriemma
iOS SideBooks 1.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
iOS FtpDisc 1.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
Woltlab Burning Board 2.3.6 Addon - 'hilfsmittel.php' SQL Injection
by Crazyball
Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
by AutoSec Tools
IBM Lotus Sametime - stconf.nsf Cross-Site Scripting
by Dave Daly
IBM Lotus Sametime 8.0.1 - Cross-Site Scripting via stconf.nsf Parameters
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.
by Dave Daly
Icy Phoenix 1.3.0.53a - HTTP Referer Persistent Cross-Site Scripting
by Saif El-Sherei
Avira AntiVir - '.QUA' File 'avcenter.exe' Local Crash (PoC)
by KedAns-Dz
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
by Saif El-Sherei
Novell ZENworks Configuration Manager < 11.0 - Remote Code Execution via Long TFTP Request
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.
by Francis Provencher
IBM Lotus Domino - Remote Code Execution via LDAP Bind Operation
Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX.
by Francis Provencher
WSN Guest 1.24 - SQL Injection via wsnuser Cookie
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
by Aliaksandr Hartsuyeu
Novell iPrint Open Enterprise Server SP2-SP3 - Remote Code Execution via LPR Opcode Buffer Overflow
Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes.
by Francis Provencher
Microsoft Windows Print Spooler - Arbitrary File Write and Remote Code Execution via Crafted RPC Print Request
The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability."
by Metasploit
Microsoft Windows <2003 - Buffer Overflow
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
by Metasploit
WordPress User Photo Plugin 0.9.4 - Unrestricted File Upload
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved.
by ADVtools
CVSS 8.8
PHP 5.3.5 - Denial of Service via Invalid Size Argument in grapheme_extract
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
by Maksymilian Arciemowicz
By Source