Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-113368 EXPLOITDB text
Webspell 4.x - safe_query Bypass
by silent vapor
CVE-2010-4861 EXPLOITDB text VERIFIED
webSPELL 4.2.1 - SQL Injection via asearch.php Search Parameter
SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
by silent vapor
EIP-2026-111353 EXPLOITDB text VERIFIED
Pluck CMS 4.6.3 - 'cont1' HTML Injection
by High-Tech Bridge SA
CVE-2010-4860 EXPLOITDB text VERIFIED
MyPhpAuction 2010 - SQL Injection via product_desc.php id Parameter
SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by h4ck3r
CVE-2010-5278 EXPLOITDB text VERIFIED
MODx Revolution <2.0.2-pl - Path Traversal
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information.
by John Leitch
CVE-2010-4883 EXPLOITDB text VERIFIED
MODx Revolution 2.0.2-pl - Cross-Site Scripting via modhash Parameter
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.
by John Leitch
CVE-2010-4863 EXPLOITDB html VERIFIED
GetSimple CMS 2.01 - Stored Cross-Site Scripting via Post-Title Parameter
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.
by High-Tech Bridge SA
CVE-2010-2943 EXPLOITDB HIGH c VERIFIED
Linux kernel <2.6.35 - Info Disclosure
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
by Red Hat
CVSS 8.1
CVE-2010-3437 EXPLOITDB c VERIFIED
Linux kernel <2.6.36-rc6 - Info Disclosure/DoS
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
by Jon Oberheide
EIP-2026-119347 EXPLOITDB text
Aleza Portal 1.6 - Insecure SQL Injection / Cookie Handling
by KnocKout
CVE-2010-0483 EXPLOITDB ruby VERIFIED
Microsoft Windows VBScript - Remote Code Execution via MsgBox Help File Argument
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."
by Metasploit
CVE-2007-1748 EXPLOITDB ruby VERIFIED
Windows 2000 Server SP4 and Server 2003 SP1/SP2 - Remote Code Execution via DNS RPC Zone Name Overflow
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
by Metasploit
CVE-2010-4821 EXPLOITDB text VERIFIED
phpmyfaq < 2.6.9 - Cross-Site Scripting via PATH_INFO to index.php
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
by Yam Mesicka
EIP-2026-109445 EXPLOITDB text
Micro CMS 1.0 b1 - Persistent Cross-Site Scripting
by SecPod Research
EIP-2026-109443 EXPLOITDB text VERIFIED
Micro CMS 1.0 - 'name' HTML Injection (1)
by Veerendra G.G
EIP-2026-108075 EXPLOITDB text VERIFIED
JE CMS 1.0.0 - Authentication Bypass
by Abysssec
EIP-2026-106655 EXPLOITDB text
e107 0.7.23 - SQL Injection
by High-Tech Bridge SA
EIP-2026-104912 EXPLOITDB text VERIFIED
Achievo 1.4.3 - Multiple Authorisation Vulnerabilities
by Pablo Milano
EIP-2026-104911 EXPLOITDB text VERIFIED
Achievo 1.4.3 - Cross-Site Request Forgery
by Pablo Milano
EIP-2026-100153 EXPLOITDB text VERIFIED
AtomatiCMS - Upload Arbitrary File
by Abysssec
CVE-2010-4946 EXPLOITDB text
ALLPC 2.5 - SQL Injection via products_id Parameter
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
by **RoAd_KiLlEr**
CVE-2010-20111 EXPLOITDB HIGH ruby VERIFIED
Digital Music Pad v8.2.3.3.4 - Buffer Overflow
Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.
by Abhishek Lyall
CVE-2010-20109 EXPLOITDB HIGH bash VERIFIED
Barracuda <October 2010 - Path Traversal
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal sequences and null-byte terminators to access arbitrary files on the underlying system. By exploiting this flaw, unauthenticated remote attackers can retrieve sensitive configuration files such as /mail/snapshot/config.snapshot, potentially exposing credentials, internal settings, and other critical data.
by ShadowHatesYou
CVE-2010-4947 EXPLOITDB text
ALLPC 2.5 - Cross-Site Scripting via Advanced Search Keywords Parameter
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
by **RoAd_KiLlEr**
EIP-2026-119259 EXPLOITDB c VERIFIED
VirIT eXplorer 6.7.43 - 'tg-scan.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n