Exploitdb Exploits
50,095 exploits tracked across all sources.
Microsoft Windows Fax Services Cover Page Editor <5.2 r2 - RCE
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information.
by rgod
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage
by Michael Brooks
HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection
by non customers
Coppermine Photo Gallery <1.5.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
by waraxe
Coppermine Photo Gallery <1.5.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
by waraxe
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service
by JohnLeitch
Web@all 1.1 - Remote Admin Settings Change
by Giuseppe D'Inverno
LiveZilla 3.2.0.2 - Cross-Site Scripting via livezilla Parameter in server.php
Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php.
by Ulisses Castro
Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service
by Pouya Daneshmand
Kolibri 2.0 - Remote Code Execution via Long URI in HEAD Request
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD request.
by TheLeader
CruxCMS 3.0 - Multiple Input Validation Vulnerabilities
by ToXiC
NIPrint 4.10 - Remote Code Execution via Long String to TCP Port 515
Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.
by Metasploit
Vacation Rental Script 4.0 - Cross-Site Request Forgery
by OnurTURKESHAN
Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting
by Michael Brooks
LoveCMS 1.6.2 Final - Multiple Local File Inclusions
by cOndemned
By Source