Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103421 EXPLOITDB ruby VERIFIED
Avidemux 2.5.4 - Buffer Overflow
by The_UnKn@wn
EIP-2026-100106 EXPLOITDB text VERIFIED
Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting
by Wesley Kerfoot
CVE-2010-1807 EXPLOITDB html
Apple Safari 4.x-5.x - Remote Code Execution via Floating-Point Validation Flaw
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
by MJ Keith
CVE-2010-3962 EXPLOITDB HIGH html VERIFIED
Microsoft Internet Explorer 6, 7, and 8 - Use-After-Free via CSS Clip Attribute
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
by ryujin
CVSS 8.1
CVE-2007-3216 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Backup r11.1 - Remote Code Execution via Buffer Overflow
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
by Metasploit
EIP-2026-117258 EXPLOITDB perl VERIFIED
GSPlayer 1.83a Win32 Release - Local Buffer Overflow
by moigai
CVE-2010-3962 EXPLOITDB HIGH html VERIFIED
Microsoft Internet Explorer 6, 7, and 8 - Use-After-Free via CSS Clip Attribute
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
by anonymous
CVSS 8.1
EIP-2026-115397 EXPLOITDB perl VERIFIED
HtaEdit 3.2.3.0 - '.hta' Buffer Overflow
by anT!-Tr0J4n
EIP-2026-114957 EXPLOITDB c
Avast! Internet Security - aswtdi.sys Local Denial of Service (PoC)
by Nikita Tarakanov
CVE-2010-4091 EXPLOITDB text VERIFIED
Adobe Reader and Acrobat - Remote Code Execution via Crafted PDF Document
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
by scup
CVE-2010-5318 EXPLOITDB text VERIFIED
SweetRice CMS < 0.6.7.1 - Unauthenticated Password Reset via Email Parameter
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter.
by High-Tech Bridge SA
EIP-2026-109481 EXPLOITDB text
MiniBB 2.5 - SQL Injection
by High-Tech Bridge SA
EIP-2026-108068 EXPLOITDB text VERIFIED
JBI CMS - SQL Injection
by Cru3l.b0y
EIP-2026-108029 EXPLOITDB text
JAF CMS 4.0 rc2 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-106895 EXPLOITDB text VERIFIED
eoCMS 0.9.04 - Multiple Vulnerabilities
by High-Tech Bridge SA
CVE-2002-2268 EXPLOITDB ruby VERIFIED
Webster HTTP Server - Remote Code Execution via Long URL
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
by Metasploit
CVE-2005-0581 EXPLOITDB ruby VERIFIED
CA License Client and Server 0.1.0.15 - Multiple Buffer Overflow via GCR Request and GETCONFIG Packet
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
by Metasploit
CVE-2007-5003 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Backup r11.0-r11.5 - Stack-Based Buffer Overflow
Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.
by Metasploit
CVE-2007-3216 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Backup r11.1 - Remote Code Execution via Buffer Overflow
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
by Metasploit
EIP-2026-117616 EXPLOITDB ruby VERIFIED
MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (SEH)
by Muhamad Fadzil Ramli
EIP-2026-115111 EXPLOITDB html
Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service
by Matthew Bergin
EIP-2026-114964 EXPLOITDB text
Avira Premium Security Suite - 'NtCreateKey' Race Condition
by Nikita Tarakanov
EIP-2026-114596 EXPLOITDB text
Zen Cart 1.3.9h - Local File Inclusion
by Salvatore Fresta
EIP-2026-106844 EXPLOITDB text VERIFIED
eLouai's Force Download Script - Arbitrary Local File Download
by v1R00Z
CVE-2010-4633 EXPLOITDB text VERIFIED
digiSHOP 2.0.2 - SQL Injection via cart.php id Parameter
SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vulnerability than CVE-2005-4614.1.
by Silic0n