Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-0063 EXPLOITDB text VERIFIED
Majordomo <20110203 - Path Traversal
The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to produce .. (dot dot) sequences. NOTE: this vulnerability is due to an incomplete fix for CVE-2011-0049.
by Michael Brooks
CVE-2011-0522 EXPLOITDB text
VLC Media Player - Remote Code Execution via Malformed Subtitle Tag in MKV File
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
by Harry Sintonen
CVE-2011-0538 EXPLOITDB text VERIFIED
Wireshark 1.2.0-1.2.14, 1.4.0-1.4.3, 1.5.0 - Use-After-Free in pcap-ng File Processing
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
by Huzaifa Sidhpurwala
CVE-2011-0900 EXPLOITDB perl VERIFIED
Terminal Server Client 0.150 - Stack-based Buffer Overflow via Long Hostname in .RDP File
Stack-based buffer overflow in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a .RDP file with a long hostname argument.
by D3V!L FUCKER
CVE-2008-4654 EXPLOITDB ruby VERIFIED
VLC Media Player 0.9.0-0.9.4 - Stack-Based Buffer Overflow in Ty Demux Plugin
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
by Metasploit
CVE-2011-0535 EXPLOITDB text VERIFIED
Zikula Application Framework < 1.2.5 - Cross-Site Request Forgery via Users Module
Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php.
by Aung Khant
EIP-2026-112567 EXPLOITDB text VERIFIED
TCExam 11.1.16 - 'user_password' Cross-Site Scripting
by AutoSec Tools
CVE-2011-5313 EXPLOITDB text VERIFIED
Redaxscript 0.3.2 - SQL Injection via Password Reset Parameters
Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) password parameter to the password_reset program.
by High-Tech Bridge SA
EIP-2026-111669 EXPLOITDB text VERIFIED
Raja Natarajan Guestbook 1.0 - Local File Inclusion
by h0rd
EIP-2026-105457 EXPLOITDB text VERIFIED
Betsy 4.0 - 'page' Local File Inclusion
by MizoZ
CVE-2011-0901 EXPLOITDB perl VERIFIED
Terminal Server Client 0.150 - Stack-Based Buffer Overflow via Long RDP File Arguments
Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by D3V!L FUCKER
CVE-2011-0354 EXPLOITDB text VERIFIED
Cisco Tandberg C Series & E/EX Units < TC4.0.0 - Unauthenticated Root Access
The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method.
by Cisco Security
EIP-2026-100057 EXPLOITDB c VERIFIED
Google Android 1.x/2.x - Local Privilege Escalation
by The Android Exploid Crew
EIP-2026-100052 EXPLOITDB c VERIFIED
Android 1.x/2.x HTC Wildfire - Local Privilege Escalation
by The Android Exploid Crew
EIP-2026-116977 EXPLOITDB python VERIFIED
CodeBlocks 8.02 - 'cbp' Local Buffer Overflow
by sup3r
EIP-2026-114109 EXPLOITDB text VERIFIED
WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting
by AutoSec Tools
EIP-2026-112720 EXPLOITDB text
TinyWebGallery 1.8.3 - Multiple Vulnerabilities
by Yam Mesicka
EIP-2026-112719 EXPLOITDB text VERIFIED
TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion
by Yam Mesicka
EIP-2026-111376 EXPLOITDB text VERIFIED
PMB Services 3.4.3 - SQL Injection
by Luchador
EIP-2026-109883 EXPLOITDB php
NetLink - Arbitrary File Upload
by lumut--
CVE-2011-4280 EXPLOITDB text VERIFIED
Moodle 2.0-2.0.2 - Cross-Site Scripting via Spike PHPCoverage Library
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by AutoSec Tools
EIP-2026-108353 EXPLOITDB text VERIFIED
Joomla! Component com_frontenduseraccess - Local File Inclusion
by wishnusakti
EIP-2026-108307 EXPLOITDB text VERIFIED
Joomla! Component com_clan_members - 'id' SQL Injection
by FL0RiX
EIP-2026-108176 EXPLOITDB text VERIFIED
Joomla! 1.5/1.6 - JFilterInput Cross-Site Scripting Bypass
by Jeff Channell
EIP-2026-104915 EXPLOITDB text VERIFIED
ACollab - 't' SQL Injection
by AutoSec Tools