Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118163 EXPLOITDB perl VERIFIED
Word Splash Pro 9.5 - Local Buffer Overflow
by h1ch4m
EIP-2026-117636 EXPLOITDB python VERIFIED
MP3 CD Converter Professional - Local Buffer Overflow (SEH)
by C4SS!0 G0M3S
EIP-2026-114842 EXPLOITDB python VERIFIED
Accmeware MP3 Speed 5.0.9 - Denial of Service (PoC)
by 0v3r
EIP-2026-114841 EXPLOITDB python VERIFIED
Accmeware MP3 Joiner Pro 5.0.9 - Denial of Service (PoC)
by 0v3r
EIP-2026-114840 EXPLOITDB python VERIFIED
Accmeware MP3 Cut 5.0.9 - Denial of Service (PoC)
by 0v3r
EIP-2026-112944 EXPLOITDB text VERIFIED
Vacation Rental Script 4.0 - Arbitrary File Upload
by Br0ly
EIP-2026-112297 EXPLOITDB text VERIFIED
Social Share - 'postid' SQL Injection
by Aliaksandr Hartsuyeu
EIP-2026-111369 EXPLOITDB text VERIFIED
plx Ad Trader 3.2 - Authentication Bypass
by R4dc0re
EIP-2026-110883 EXPLOITDB text
PHP-Nuke MaticMarket 2.02 - Local File Inclusion
by xer0x
CVE-2010-4843 EXPLOITDB text
PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection
SQL injection vulnerability in website-page.php in PHP Web Scripts Ad Manager Pro 3.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter.
by R4dc0re
CVE-2010-4619 EXPLOITDB text VERIFIED
Mafya Oyun Scrpti - SQL Injection via profil.php id Parameter
SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote attackers to execute arbitrary SQL commands via the id parameter.
by DeadLy DeMon
CVE-2010-4617 EXPLOITDB text VERIFIED
JotLoader 2.2.1 - Path Traversal via Section Parameter
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
by v3n0m
EIP-2026-107867 EXPLOITDB text VERIFIED
Inout Webmail Script - Persistent Cross-Site Scripting
by Sid3^effects
EIP-2026-100985 EXPLOITDB php
Apple iOS Safari - body alink Remote Crash
by Yakir Wizman
EIP-2026-100982 EXPLOITDB php
Apple iOS Safari - 'decodeURI' Remote Crash
by Yakir Wizman
EIP-2026-100305 EXPLOITDB text
Elcom CommunityManager.NET - Authentication Bypass
by Sense of Security
EIP-2026-108695 EXPLOITDB text VERIFIED
Joomla! Component JE Auto - Local File Inclusion
by Sid3^effects
CVE-2011-4929 EXPLOITDB ruby VERIFIED
Redmine 0.9.x-1.0.x - Remote Code Execution via Bazaar Repository Adapter
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors.
by Metasploit
CVE-2010-4615 EXPLOITDB text VERIFIED
Oto Galeri Sistemi 1.0 - SQL Injection via arac or marka Parameter
Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp.
by DeadLy DeMon
CVE-2010-4347 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.36.2 - Privilege Escalation via ACPI Debugfs Custom Method
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.
by Jon Oberheide
CVE-2010-4597 EXPLOITDB python VERIFIED
Ecava IntegraXor < 3.5.3900.5 - Stack-Based Buffer Overflow via IntegraXor.Project ActiveX Control
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument.
by Jeremy Brown
EIP-2026-111943 EXPLOITDB text VERIFIED
SchuldnerBeratung - SQL Injection
by DeadLy DeMon
CVE-2010-4845 EXPLOITDB text VERIFIED
MH Products Projekt Shop - SQL Injection
Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute arbitrary SQL commands via the (1) ts parameter to details.php and possibly the (2) ilceler parameter to index.php.
by DeadLy DeMon
CVE-2010-4846 EXPLOITDB text VERIFIED
MH Products Pay Pal Shop Digital - SQL Injection
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
by DeadLy DeMon
EIP-2026-109376 EXPLOITDB text
MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload
by Vladimir Vorontsov