Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107391 EXPLOITDB text
Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure
by Michael Brooks
CVE-2010-4298 EXPLOITDB text
Free Simple Software 1.0 - SQL Injection via downloads_id Parameter
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
by Mark Stanislav
CVE-2006-2685 EXPLOITDB ruby VERIFIED
Basic Analysis and Security Engine <= 1.2.4 - Remote Code Execution via BASE_path Parameter
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.
by Metasploit
CVE-2010-0304 EXPLOITDB ruby VERIFIED
Wireshark 0.9.15-1.0.10 and 1.2.0-1.2.5 - Denial of Service via Malformed LWRES Packet
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.
by Metasploit
CVE-2009-3068 EXPLOITDB ruby VERIFIED
Adobe RoboHelp Server 8 - Unauthenticated Arbitrary File Upload and Remote Code Execution via JSP File Upload
Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote attackers to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the file in the robohelp/robo/reserved/web directory under its sessionid subdirectory, as demonstrated by the vd_adobe module in VulnDisco Pack Professional 8.7 through 8.11.
by Metasploit
CVE-2010-4250 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.37 - Denial of Service via inotify_init1 Memory Leak
Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files.
by Vegard Nossum
EIP-2026-101225 EXPLOITDB text VERIFIED
D-Link DIR-300 - WiFi Key Security Bypass
by Gaurav Saha
EIP-2026-100894 EXPLOITDB text VERIFIED
SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting
by Aliaksandr Hartsuyeu
CVE-2009-2265 EXPLOITDB ruby VERIFIED
FCKeditor <2.6.4.1 - Path Traversal
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
by Metasploit
CVE-2008-5405 EXPLOITDB ruby VERIFIED
Cain & Abel <4.9.24 - Buffer Overflow
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
by Metasploit
CVE-2010-20042 EXPLOITDB HIGH perl VERIFIED
Xion Audio Player <1.0.126 - Buffer Overflow
Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.
by anT!-Tr0J4n
EIP-2026-118951 EXPLOITDB html VERIFIED
Netcraft Toolbar 1.8.1 - Remote Code Execution
by Rew
EIP-2026-118676 EXPLOITDB html VERIFIED
ImageShack Toolbar 4.8.3.75 - Remote Code Execution
by Rew
EIP-2026-118183 EXPLOITDB python VERIFIED
Xion Audio Player 1.0.127 - '.m3u' Local Buffer Overflow
by 0v3r
EIP-2026-111133 EXPLOITDB text
PHPmotion 1.62 - 'FCKeditor' Arbitrary File Upload
by trycyber
EIP-2026-104517 EXPLOITDB text VERIFIED
ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Cross-Site Scripting
by Usman Saeed
CVE-2003-0213 EXPLOITDB ruby VERIFIED
PoPToP PPTP Server - Denial of Service via Invalid Control Packet Length
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
by Metasploit
CVE-2010-5323 EXPLOITDB ruby VERIFIED
Novell ZENworks <10.3 - Path Traversal
Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parameter in conjunction with WAR content in the POST data, a different vulnerability than CVE-2010-5324.
by Metasploit
EIP-2026-108932 EXPLOITDB text
jSchool Advanced - Blind SQL Injection
by Don Tukulesto
CVE-2010-4774 EXPLOITDB text
AuraCMS 1.62 - SQL Injection via pdf.php id Parameter
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
by Don Tukulesto
CVE-2010-5324 EXPLOITDB ruby VERIFIED
Novell ZENworks Configuration Management (ZCM) <10.3 - Path Traversal
Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted directory name in the type parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323.
by Metasploit
CVE-2010-4172 EXPLOITDB text VERIFIED
Apache Tomcat 6.0.12-6.0.29 and 7.0.0-7.0.4 - Cross-Site Scripting via Manager Application Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
by Adam Muntner
EIP-2026-102486 EXPLOITDB text
JCMS 2010 - File Download
by Beach
CVE-2010-3830 EXPLOITDB text VERIFIED
iPhone OS < 4.1 - Privilege Escalation via Packet Filter Rule Processing
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
by Apple
EIP-2026-100814 EXPLOITDB text VERIFIED
Hot Links SQL 3.2 - 'report.cgi' SQL Injection
by Aliaksandr Hartsuyeu