Exploitdb Exploits
50,095 exploits tracked across all sources.
WeBid 0.8.5 P1 - Cross-Site Scripting via confirm.php id Parameter
Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by John Leitch
phpshop < 2.1 - Cross-Site Scripting via register.html name_new Parameter
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter.
by MustLive
FCKEditor Core 2.x 2.4.3 - 'FileManager upload.php' Arbitrary File Upload
by grabz
IBM OmniFind Enterprise Edition < 9.1 - Local Privilege Escalation via esRunCommand
esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
by Fatih Kilic
Ricoh Web Image Monitor 2.03 - Cross-Site Scripting
by thelightcosine
osCommerce 2.2 - Cross-Site Request Forgery
by daandeveloper33
com_jquarks4s 1.0.0 - SQL Injection via submitSurvey q Parameter
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the q parameter in a submitSurvey action to index.php.
by Salvatore Fresta
Joomla! Component com_img - Local File Inclusion
by CoBRa_21
Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection
by CoBRa_21
IBM OmniFind Enterprise Edition < 9.1 - Cross-Site Request Forgery in Administrator Interface
Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action.
by Fatih Kilic
IBM OmniFind Enterprise Edition 8.x and 9.x - Session Impersonation via Stolen Cookie
The administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x does not restrict use of a session ID (aka SID) value to a single IP address, which allows remote attackers to perform arbitrary administrative actions by leveraging cookie theft, related to a "session impersonation" issue.
by Fatih Kilic
IBM OmniFind EE <9.1 - Privilege Escalation
Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.
by Fatih Kilic
Oracle MySQL 5.1 < 5.1.49 - Authenticated Denial of Service via IN or CASE Operations with NULL Arguments
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
by Shane Bester
IBM OmniFind Enterprise Edition 8.x and 9.x - Denial of Service via Unlimited Web Crawl Recursion
IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with an unlimited recursion depth, which allows remote web servers to cause a denial of service (infinite loop) via a crafted series of documents.
by Fatih Kilic
IBM OmniFind Enterprise Edition < 8.5 FP6 - Stack-based Buffer Overflow via Long Password
Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ESEncrypt function in /opt/IBM/es/lib/libffq.cryptionjni.so in the login form in the administration interface in IBM OmniFind Enterprise Edition before 8.5 FP6 allows remote attackers to execute arbitrary code via a long password.
by Fatih Kilic
Linux Kernel < 2.6.36.2 - Information Disclosure via Uninitialized Stack Memory in Socket Filter
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.
by Dan Rosenberg
Novell GroupWise < 8.0.2 - Remote Code Execution via IMAP LIST Command
Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.
by Francis Provencher
GroupWise Internet Agent <8.02HP - Buffer Overflow
Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command.
by Francis Provencher
D-Link DIR-300 - Multiple Security Bypass Vulnerabilities
by Karol Celia
Silo 2.1.1 - 'wintab32.dll' DLL Loading Arbitrary Code Execution
by Gjoko Krstic
By Source