Exploitdb Exploits
50,095 exploits tracked across all sources.
eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
IBM solidDB <= 6.5.0.3 - Denial of Service via Malformed Packet Data
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
by Luigi Auriemma
TWiki < 5.0.1 - Cross-Site Scripting via rev Parameter or Login Query String
Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script.
by DOUHINE Davy
TWiki < 5.0.1 - Cross-Site Scripting via rev Parameter or Login Query String
Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script.
by DOUHINE Davy
Data/File - upload and Management Arbitrary File Upload
by saudi0hacker
Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
Oracle Java SE/Jav for Bus 6 - Info Disclosure
Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
by Skylined
Winamp < 5.6 - Buffer Overflow in in_mod Plugin via Comment Box
Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.
by Luigi Auriemma
Oracle Java - APPLET Tag Children Property Memory Corruption
by Skylined
Microsoft Windows Media Player <12 - Code Injection
Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability."
by Skylined
Oracle Solaris 10/OpenSolaris - Info Disclosure
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.
by prdelka
Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
by High-Tech Bridge SA
Joomla! Jstore Component - Path Traversal via Controller Parameter
Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by jos_ali_joe
Collabtive 0.6.5 - Cross-Site Scripting via User Profile Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) User parameter in the edit user profile feature to manageuser.php, (2) y parameter in a newcal action to manageajax.php, and the (3) pic parameter to thumb.php.
by Anatolia Security
Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
HP OpenView Network Node Manager <7.53-7.51 - Buffer Overflow
Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.
by Metasploit
e2eSoft VCam - DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
Disk Pulse Server 2.2.34 - Remote Buffer Overflow
by xsploited security
Collabtive 0.6.5 - Cross-Site Request Forgery in Admin User Addition
Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action.
by Anatolia Security
By Source