Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2001-0311 EXPLOITDB ruby VERIFIED
HP OmniBackII <A.03.50 - Privilege Escalation
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
by Metasploit
CVE-2007-2175 EXPLOITDB ruby VERIFIED
Apple QuickTime Java extensions - RCE
Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007.
by Metasploit
CVE-2009-2990 EXPLOITDB ruby VERIFIED
Adobe Acrobat and Reader < 9.2 - Remote Code Execution
Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.
by Metasploit
CVE-2009-2261 EXPLOITDB ruby VERIFIED
PeaZIP <2.6.1-2.5.1 - Command Injection
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.
by Metasploit
CVE-2004-0608 EXPLOITDB ruby VERIFIED
Unreal Engine - RCE
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory.
by Metasploit
CVE-2006-1148 EXPLOITDB ruby VERIFIED
PeerCast < 0.1217 - Remote Code Execution via Long HTTP GET Parameter
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
by Metasploit
CVE-2006-6332 EXPLOITDB ruby VERIFIED
MadWifi - Stack-Based Buffer Overflow in IEEE80211 Wireless Component
Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWifi before 0.9.2.1 allows remote attackers to execute arbitrary code via unspecified vectors, related to the encode_ie and giwscan_cb functions.
by Metasploit
EIP-2026-102726 EXPLOITDB text
RarCrack 0.2 - 'Filename init() .bss' (PoC)
by Stoke
CVE-2006-3459 EXPLOITDB ruby VERIFIED
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
by Metasploit
CVE-2006-3459 EXPLOITDB ruby VERIFIED
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
by Metasploit
CVE-2006-3459 EXPLOITDB ruby VERIFIED
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
by Metasploit
EIP-2026-100611 EXPLOITDB html VERIFIED
VWD-CMS - Cross-Site Request Forgery
by Abysssec
CVE-2010-3486 EXPLOITDB text VERIFIED
SmarterMail 7.1.3876 - Path Traversal
Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter.
by sqlhacker
CVE-2010-1527 EXPLOITDB python VERIFIED
Novell iPrint Client <5.44 - Buffer Overflow
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
by Abysssec
EIP-2026-118306 EXPLOITDB python VERIFIED
Basic Web Server 1.0 - Directory Traversal / Denial of Service
by John Leitch
EIP-2026-116848 EXPLOITDB ruby VERIFIED
Audiotran 1.4.2.4 - Local Overflow (SEH) (DEP Bypass)
by Muhamad Fadzil Ramli
EIP-2026-110264 EXPLOITDB text VERIFIED
Opencart 1.4.9.1 - Arbitrary File Upload
by Net.Edit0r
EIP-2026-107052 EXPLOITDB text
Fashione E-Commerce Webshop - Multiple SQL Injections
by secret
CVE-2010-3479 EXPLOITDB text VERIFIED
BoutikOne 1.0 - SQL Injection via Page Parameter
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by BrOx-Dz
EIP-2026-102727 EXPLOITDB ruby VERIFIED
RarCrack 0.2 - Buffer Overflow (PoC)
by The_UnKn@wn
EIP-2026-100381 EXPLOITDB text VERIFIED
jmd-cms - Multiple Vulnerabilities
by Abysssec
CVE-2010-4927 EXPLOITDB text VERIFIED
Joomla! com_restaurantguide 1.0.0 - SQL Injection
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php.
by Valentin
EIP-2026-115738 EXPLOITDB text VERIFIED
Microsoft Mspaint - '.bmp' Crash (PoC)
by andrew
CVE-2010-0520 EXPLOITDB python VERIFIED
Mac OS X - Heap-Based Buffer Overflow in QuickTimeAuthoring.qtx via Crafted FLC File
Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.
by Abysssec
CVE-2010-4954 EXPLOITDB text VERIFIED
xt:Commerce Gambio 2008 - SQL Injection
SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
by secret