Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2000-0322 EXPLOITDB ruby VERIFIED
Red Hat Piranha - Command Injection
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
by Metasploit
EIP-2026-107372 EXPLOITDB text VERIFIED
GeekLog 1.7.0 - 'FCKeditor' Arbitrary File Upload
by Kubanezi AHG
CVE-2004-1580 EXPLOITDB text VERIFIED
CubeCart 2.0.1 - SQL Injection via cat_id Parameter
SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
by X_AviaTique_X
EIP-2026-104836 EXPLOITDB text VERIFIED
411cc - Multiple SQL Injections
by KnocKout
CVE-2011-0536 EXPLOITDB text VERIFIED
GNU C Library <2.12-1.7.el6_0.3 - Privilege Escalation
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
by Tavis Ormandy
CVE-2010-4144 EXPLOITDB text VERIFIED
Kisisel Radyo Script - SQL Injection via Id Parameter
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
by FuRty
CVE-2010-0231 EXPLOITDB text VERIFIED
Microsoft Windows - SMB NTLM Authentication Spoofing via Insufficient Entropy
The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain "duplicate values," and spoofing of an authentication token, aka "SMB NTLM Authentication Lack of Entropy Vulnerability."
by Hernan Ochoa
EIP-2026-115957 EXPLOITDB python
Novel eDirectory DHost Console 8.8 SP3 - Local Overwrite (SEH)
by d0lc3
EIP-2026-113433 EXPLOITDB text VERIFIED
WikiWebHelp 0.3.3 - Insecure Cookie Handling
by FuRty
EIP-2026-112564 EXPLOITDB text
Tastydir 1.2 (1216) - Multiple Vulnerabilities
by R
EIP-2026-103605 EXPLOITDB text VERIFIED
Opera 10.63 - SVG Animation Element Denial of Service
by fla
CVE-2010-4145 EXPLOITDB text VERIFIED
Kisisel Radyo Script - Unauthenticated Sensitive Information Disclosure via Direct Database Request
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
by FuRty
CVE-2010-3332 EXPLOITDB ruby VERIFIED
Microsoft .NET Framework - Info Disclosure
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability."
by Agustin Azubel
CVE-2010-3329 EXPLOITDB text VERIFIED
Microsoft Internet Explorer <8 - RCE
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability."
by Core Security
EIP-2026-115080 EXPLOITDB python VERIFIED
ConvexSoft DJ Audio Mixer - Denial of Service
by MOHAMED ABDI
EIP-2026-100004 EXPLOITDB python VERIFIED
PHP Hosting Directory 2.0 - Database Disclosure
by ZoRLu
CVE-2010-4056 EXPLOITDB text
IBM solidDB <= 6.5.0.3 - Denial of Service via TCP Packet Handling
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.
by Luigi Auriemma
CVE-2010-4055 EXPLOITDB text
IBM solidDB < 6.5.0.3 - Denial of Service via TCP Port 1315 Packet with Many Integer Fields
Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.
by Luigi Auriemma
EIP-2026-119168 EXPLOITDB c VERIFIED
STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118218 EXPLOITDB c VERIFIED
1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
by anT!-Tr0J4n
EIP-2026-116193 EXPLOITDB text VERIFIED
Rocket Software UniData 7.2.7.3806 - Denial of Service
by Luigi Auriemma
EIP-2026-116041 EXPLOITDB python VERIFIED
PCDJ Karaoki 0.6.3819 - Denial of Service
by MOHAMED ABDI
EIP-2026-115155 EXPLOITDB python VERIFIED
DJ Legend 6.01 - Denial of Service
by MOHAMED ABDI
CVE-2010-4142 EXPLOITDB text VERIFIED
DATAC RealWin <= 2.0 Build 6.1.8.10 - Stack-Based Buffer Overflow via Long SCPC Packet
Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) SCPC_INITIALIZE, (2) SCPC_INITIALIZE_RF, or (3) SCPC_TXTEVENT packet. NOTE: it was later reported that 1.06 is also affected by one of these requests.
by Luigi Auriemma
EIP-2026-108982 EXPLOITDB text
KCFinder 2.2 - Arbitrary File Upload
by saudi0hacker