Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-117362 EXPLOITDB perl VERIFIED
iworkstation 9.3.2.1.4 - Local Overflow (SEH)
by sanjeev gupta
CVE-2010-2553 EXPLOITDB html VERIFIED
Windows XP SP2/SP3, Vista SP1/SP2, and Windows 7 - Remote Code Execution via Crafted Media File
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."
by Abysssec
EIP-2026-115277 EXPLOITDB text VERIFIED
Fox Audio Player 0.8.0 - '.m3u' Denial of Service
by 4n0nym0us
EIP-2026-110508 EXPLOITDB text VERIFIED
pbboard 2.1.1 - Multiple Vulnerabilities
by JIKO
EIP-2026-109864 EXPLOITDB text VERIFIED
NetArt Media Car Portal 2.0 - 'car' SQL Injection
by RoAd_KiLlEr
EIP-2026-109788 EXPLOITDB text VERIFIED
MySITE - SQL Injection / Cross-Site Scripting
by MustLive
CVE-2010-3695 EXPLOITDB text VERIFIED
Horde IMP < 4.3.8 & Groupware Webmail < 1.2.7 - XSS via Fetchmail fm_id Parameter
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration.
by Moritz Naumann
CVE-2010-4935 EXPLOITDB text VERIFIED
Entrans < 0.3.2 - SQL Injection via Poll SID Parameter
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter.
by keracker
EIP-2026-105713 EXPLOITDB text VERIFIED
Car Portal 2.0 - Blind SQL Injection
by **RoAd_KiLlEr**
CVE-2010-0094 EXPLOITDB ruby VERIFIED
Oracle Java SE/Jav for Bus <6-5 - Info Disclosure
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.
by Metasploit
EIP-2026-100453 EXPLOITDB text VERIFIED
ndCMS - SQL Injection
by Abysssec
CVE-2010-2553 EXPLOITDB python VERIFIED
Windows XP SP2/SP3, Vista SP1/SP2, and Windows 7 - Remote Code Execution via Crafted Media File
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."
by Abysssec
EIP-2026-115011 EXPLOITDB python VERIFIED
BS.Player 2.56 - '.m3u' / '.pls' File Processing Multiple Remote Denial of Service Vulnerabilities
by modpr0be
EIP-2026-114605 EXPLOITDB php VERIFIED
ZenPhoto - Config Update / Command Execution
by Abysssec
EIP-2026-110539 EXPLOITDB text VERIFIED
PEEL Premium 5.71 - SQL Injection
by KnocKout
CVE-2010-3468 EXPLOITDB text VERIFIED
Mura CMS <5.1.498-5.2.2809 & Sava CMS 5-5.2 - Path Traversal
Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 through 5.2, allows remote attackers to read arbitrary files via a .. (dot dot) in the FILEID parameter to the default URI under tasks/render/file/.
by mr_me
EIP-2026-100341 EXPLOITDB text VERIFIED
gokhun asp stok 1.0 - Multiple Vulnerabilities
by KnocKout
CVE-2009-20004 EXPLOITDB HIGH ruby VERIFIED
gAlan < 0.2.1 - Stack-based Buffer Overflow via .galan File Parsing
gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file.
by Metasploit
CVE-2008-6898 EXPLOITDB ruby VERIFIED
SaschArt SasCam Webcam Server 2.6.5 - Buffer Overflow via XHTTP Module Get Method
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods.
by Metasploit
CVE-2008-1898 EXPLOITDB ruby VERIFIED
Microsoft Office and Works - Remote Code Execution via WkImgSrv.dll WksPictureInterface Property
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which triggers an improper function call.
by Metasploit
CVE-2008-4922 EXPLOITDB ruby VERIFIED
DjVu ActiveX Control for Microsoft Office - Buffer Overflow via ImageURL Property
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties.
by Metasploit
CVE-2005-0308 EXPLOITDB ruby VERIFIED
W32Dasm 8.93 and earlier - Buffer Overflow via Large Import or Export Function Name
Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.
by Metasploit
CVE-2009-3214 EXPLOITDB ruby VERIFIED
Photodex ProShow Gold 4.0.2549 - Stack-Based Buffer Overflow via Crafted Slideshow Project File
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by Metasploit
EIP-2026-117599 EXPLOITDB ruby VERIFIED
Millenium MP3 Studio 2.0 - '.pls' Local Stack Buffer Overflow (Metasploit)
by Metasploit
CVE-2007-4776 EXPLOITDB ruby VERIFIED
Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 - Buffer Overflow via Long Reference Line in VBP File
Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability.
by Metasploit