Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-10011 EXPLOITDB MEDIUM text VERIFIED
Acritum Femitter Server 1.04 - Path Traversal
A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250446 is the identifier assigned to this vulnerability.
by chr1x
CVSS 4.3
EIP-2026-118285 EXPLOITDB text VERIFIED
AT-TFTP Server 1.8 - Directory Traversal
by Yakir Wizman
EIP-2026-115320 EXPLOITDB text
G Data TotalCare 2011 - 'NtOpenKey' Race Condition
by Nikita Tarakanov
EIP-2026-114587 EXPLOITDB text
Zeeways Adserver - Multiple Vulnerabilities
by Valentin
EIP-2026-111026 EXPLOITDB text
phpCow 2.1 - File Inclusion
by ViRuS_HiMa
EIP-2026-109335 EXPLOITDB text
MassMirror Uploader - Remote File Inclusion
by ViciOuS
EIP-2026-108351 EXPLOITDB text VERIFIED
Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities
by jdc
EIP-2026-108326 EXPLOITDB text VERIFIED
Joomla! Component com_dcnews - Local File Inclusion
by Th3 RDX
EIP-2026-108316 EXPLOITDB text VERIFIED
Joomla! Component com_connect - Local File Inclusion
by Th3 RDX
EIP-2026-119289 EXPLOITDB text VERIFIED
WinTFTP Server Pro 3.1 - Directory Traversal
by Yakir Wizman
EIP-2026-119067 EXPLOITDB text
Quick Tftp Server Pro 2.1 - Directory Traversal
by Yakir Wizman
CVE-2010-4742 EXPLOITDB ruby VERIFIED
Moxa ActiveX SDK <2.2.0.5 - Buffer Overflow
Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value.
by Metasploit
CVE-2007-0548 EXPLOITDB perl VERIFIED
KarjaSoft Sami HTTP Server 2.0.1 - Denial of Service via Nonexistent Object Requests
KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) via a large number of requests for nonexistent objects.
by wingthor
EIP-2026-115548 EXPLOITDB html
LeadTools 11.5.0.9 - 'lttmb11n.ocx' BrowseDir() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115547 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltlst11n.ocx' Insert() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115546 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltisi11n.ocx' DriverName() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115545 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltdlg11n.ocx' GetColorRes() Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115544 EXPLOITDB html
LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service
by Matthew Bergin
EIP-2026-115244 EXPLOITDB text VERIFIED
FileFuzz - Denial of Service
by Sweet
CVE-2010-3639 EXPLOITDB text VERIFIED
Adobe Flash Player < 9.0.289.0 - Denial of Service or Remote Code Execution
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
by Matthew Bergin
CVE-2010-4853 EXPLOITDB text VERIFIED
chillcreations com_ccinvoices - SQL Injection via id Parameter
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php.
by FL0RiX
EIP-2026-108215 EXPLOITDB text VERIFIED
Joomla! Component AutoArticles 3000 - SQL Injection
by jos_ali_joe
EIP-2026-108175 EXPLOITDB text VERIFIED
Joomla! 1.5.x - SQL Error Information Disclosure
by YGN Ethical Hacker Group
CVE-2010-4246 EXPLOITDB text VERIFIED
pfSense 1.2.3 and 2 beta 4 - Cross-Site Scripting via graph.php ifnum or ifname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182.
by dave b
CVE-2010-3709 EXPLOITDB text
PHP 5.2.0-5.2.14 and 5.3.0-5.3.3 - Denial of Service via ZipArchive::getArchiveComment
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
by Maksymilian Arciemowicz