Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-1240 EXPLOITDB ruby VERIFIED
Adobe PDF Embedded EXE Social Engineering
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message.
by Metasploit
CVE-2010-1240 EXPLOITDB ruby VERIFIED
Adobe PDF Embedded EXE Social Engineering
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message.
by Metasploit
EIP-2026-116266 EXPLOITDB python VERIFIED
Solar FTP Server 2.0 - Multiple Denial of Service Vulnerabilities
by modpr0be
EIP-2026-111627 EXPLOITDB text VERIFIED
QualDev eCommerce script - SQL Injection
by ErrNick
EIP-2026-111191 EXPLOITDB text VERIFIED
PHPRS - 'model-kits.php' SQL Injection
by KnocKout
CVE-2010-4719 EXPLOITDB text VERIFIED
com_jradio < 1.5.0 - Path Traversal via Controller Parameter
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
by Sid3^effects
CVE-2010-4345 EXPLOITDB HIGH ruby VERIFIED
Exim4 string_format Function Heap Buffer Overflow
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
by Metasploit
CVSS 7.8
CVE-2010-4749 EXPLOITDB text
BLOG:CMS 4.2.1.e - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php.
by High-Tech Bridge SA
EIP-2026-119075 EXPLOITDB ruby VERIFIED
Race River Integard Home/Pro - LoginAdmin Password Stack Buffer Overflow (Metasploit)
by Metasploit
CVE-2010-3971 EXPLOITDB ruby VERIFIED
Internet Explorer 6-8 - Use-After-Free in CSS Parser via Self-Referential @import Rule
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability."
by Nephi Johnson
EIP-2026-115187 EXPLOITDB perl VERIFIED
Easy DVD Creator - Local Crash (PoC)
by h1ch4m
EIP-2026-115144 EXPLOITDB perl VERIFIED
Digital Audio Editor 7.6.0.237 - Local Crash (PoC)
by h1ch4m
EIP-2026-112212 EXPLOITDB text VERIFIED
slickMsg - Cross-Site Scripting / HTML Injection
by Aliaksandr Hartsuyeu
CVE-2010-4333 EXPLOITDB text
Pointter PHP Micro-Blogging Social Network 1.8 - Unauthenticated Privilege Escalation via Cookie Manipulation
Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
by Mark Stanislav
CVE-2010-4332 EXPLOITDB text
Pointter PHP Content Management System 1.0 - Unauthenticated Authentication Bypass via Cookie Manipulation
Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
by Mark Stanislav
CVE-2010-4350 EXPLOITDB text
MantisBT < 1.2.4 - Remote Code Execution via db_type Parameter in admin/upgrade_unattended.php
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP.
by LiquidWorm
CVE-2010-4349 EXPLOITDB text
MantisBT < 1.2.4 - Information Disclosure via Invalid db_type Parameter
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive information via an invalid db_type parameter, which reveals the installation path in an error message, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP.
by LiquidWorm
CVE-2010-4111 EXPLOITDB text VERIFIED
HP Insight Diagnostics < 8.5.1.3712 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Richard Brain
CVE-2010-4750 EXPLOITDB text
BLOG:CMS 4.2.1.e - Cross-Site Request Forgery in admin/libs/ADMIN.php
Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote attackers to hijack the authentication of administrators.
by High-Tech Bridge SA
EIP-2026-105526 EXPLOITDB text VERIFIED
Blog:CMS 4.2.1 e - Multiple HTML Injections / Cross-Site Scripting
by High-Tech Bridge SA
CVE-2010-5315 EXPLOITDB text
BEdita < 3.0.1.2550 "betula" - Cross-Site Request Forgery via News Categories or Admin User Save
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser.
by High-Tech Bridge SA
CVE-2010-0840 EXPLOITDB CRITICAL ruby VERIFIED
Oracle Java SE/Jav for Bus <6-5.0-1.4.2 - Info Disclosure
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
by Metasploit
CVSS 9.8
CVE-2010-4604 EXPLOITDB text VERIFIED
IBM Tivoli Storage Manager 5.3.0-5.3.6.7 - Stack-Based Buffer Overflow in GeneratePassword Function
Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe.
by Kryptos Logic
EIP-2026-100807 EXPLOITDB text
Google Urchin 5.7.03 - Local File Inclusion
by Kristian Erik Hermansen
CVE-2010-3906 EXPLOITDB text VERIFIED
Gitweb < 1.7.3.3 - Cross-Site Scripting via f and fp Parameters
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
by emgent