Exploitdb Exploits
50,095 exploits tracked across all sources.
HotWebScripts HotWeb Rentals - SQL Injection
SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter.
by R4dc0re
GateSoft DocuSafe <4.1.2 - SQL Injection
SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter. NOTE: some of these details are obtained from third party information.
by R4dc0re
Ecommercemax Solutions DGS <1.5 - SQL Injection
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter.
by R4dc0re
WaveMax Sound Editor 4.5.1 - Denial of Service (PoC)
by h1ch4m
TFTPUtil GUI 1.4.5 - Denial of Service (Metasploit)
by Vuk Ivanovic
MediaMonkey 3.2.4.1304 - '.mp3' Buffer Overflow (PoC)
by 0v3r
Free Audio Converter 7.1.5 - Denial of Service (PoC)
by h1ch4m
Wireshark 1.2.0-1.2.12 and 1.4.0-1.4.1 - Heap-Based Buffer Overflow in LDSS Dissector
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
by Nephi Johnson
Techno Dreams FAQ Manager Package 1.0 - 'faqlist.asp' SQL Injection
by R4dc0re
Techno Dreams Articles & Papers Package 2.0 - 'ArticlesTablelist.asp' SQL Injection
by R4dc0re
Techno Dreams Job Career Package 3.0 - SQL Injection
SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter.
by R4dc0re
Techno Dreams (T-Dreams) Cars Ads Package 2.0 - SQL Injection
SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter.
by R4dc0re
Dejcom Market CMS - 'showbrand.aspx' SQL Injection
by Mormoroth
ASPSiteWare Contact Directory 1.0 - SQL Injection
by R4dc0re
ProFTPD 1.3.3c - Unauthenticated Remote Code Execution via Hidden FTP Command
A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.
by Metasploit
CVSS 9.8
Viscom Image Viewer CP Pro/Gold <8.0-6.0 - Buffer Overflow
Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.
by Dr_IDE
Alguest 1.1 - Multiple Cookie Authentication Bypass Vulnerabilities
by Aliaksandr Hartsuyeu
Easy Travel Portal 2 - 'travelbycountry.asp' SQL Injection
by Ulrik Persson
By Source