Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106982 EXPLOITDB text VERIFIED
eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
CVE-2010-4057 EXPLOITDB text
IBM solidDB <= 6.5.0.3 - Denial of Service via Malformed Packet Data
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
by Luigi Auriemma
EIP-2026-115180 EXPLOITDB python VERIFIED
Ease Jukebox 1.30 - Denial of Service
by Sweet
EIP-2026-114436 EXPLOITDB text VERIFIED
Xlrstats 2.0.1 - SQL Injection
by Sky4
CVE-2010-3841 EXPLOITDB text VERIFIED
TWiki < 5.0.1 - Cross-Site Scripting via rev Parameter or Login Query String
Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script.
by DOUHINE Davy
CVE-2010-3841 EXPLOITDB text VERIFIED
TWiki < 5.0.1 - Cross-Site Scripting via rev Parameter or Login Query String
Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script.
by DOUHINE Davy
EIP-2026-106358 EXPLOITDB text VERIFIED
Data/File - upload and Management Arbitrary File Upload
by saudi0hacker
EIP-2026-119218 EXPLOITDB c VERIFIED
Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
CVE-2010-3552 EXPLOITDB text VERIFIED
Oracle Java SE/Jav for Bus 6 - Info Disclosure
Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
by Skylined
CVE-2010-4371 EXPLOITDB text VERIFIED
Winamp < 5.6 - Buffer Overflow in in_mod Plugin via Comment Box
Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.
by Luigi Auriemma
EIP-2026-116016 EXPLOITDB html VERIFIED
Oracle Java - APPLET Tag Children Property Memory Corruption
by Skylined
CVE-2010-2745 EXPLOITDB html VERIFIED
Microsoft Windows Media Player <12 - Code Injection
Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability."
by Skylined
EIP-2026-114795 EXPLOITDB text
Oracle Virtual Server Agent - Command Injection
by Nahuel Grisolia
CVE-2010-3503 EXPLOITDB text VERIFIED
Oracle Solaris 10/OpenSolaris - Info Disclosure
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.
by prdelka
EIP-2026-111791 EXPLOITDB text VERIFIED
Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
EIP-2026-111367 EXPLOITDB text VERIFIED
PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
by High-Tech Bridge SA
CVE-2010-5286 EXPLOITDB text VERIFIED
Joomla! Jstore Component - Path Traversal via Controller Parameter
Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by jos_ali_joe
EIP-2026-106965 EXPLOITDB text VERIFIED
Exponent CMS 0.97 - Multiple Vulnerabilities
by LiquidWorm
CVE-2010-5284 EXPLOITDB text VERIFIED
Collabtive 0.6.5 - Cross-Site Scripting via User Profile Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) User parameter in the edit user profile feature to manageuser.php, (2) y parameter in a newcal action to manageajax.php, and the (3) pic parameter to thumb.php.
by Anatolia Security
EIP-2026-118965 EXPLOITDB python VERIFIED
Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
CVE-2008-1697 EXPLOITDB ruby VERIFIED
HP OpenView Network Node Manager <7.53-7.51 - Buffer Overflow
Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.
by Metasploit
EIP-2026-118451 EXPLOITDB python VERIFIED
e2eSoft VCam - DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118414 EXPLOITDB python VERIFIED
Disk Pulse Server 2.2.34 - Remote Buffer Overflow
by xsploited security
EIP-2026-113432 EXPLOITDB html VERIFIED
WikiWebHelp 0.3.3 - Cross-Site Request Forgery
by Yoyahack
CVE-2010-5285 EXPLOITDB text VERIFIED
Collabtive 0.6.5 - Cross-Site Request Forgery in Admin User Addition
Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action.
by Anatolia Security