Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116493 EXPLOITDB python VERIFIED
VideoLAN VLC Media Player < 1.1.4 - '.xspf smb://' URI Handling Remote Stack Overflow (PoC)
by s-dz
EIP-2026-112526 EXPLOITDB text VERIFIED
SyndeoCMS 2.8.02 - Multiple Vulnerabilities (1)
by Abysssec
CVE-2010-4911 EXPLOITDB text VERIFIED
PHP Classifieds Ads - SQL Injection
SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter.
by h4ck3r
CVE-2010-4914 EXPLOITDB text
PHP Classifieds 7.3 - Remote Code Execution via lang_path Parameter
PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter.
by alsa7r
EIP-2026-109363 EXPLOITDB python VERIFIED
mBlogger 1.0.04 - 'addcomment.php' Persistent Cross-Site Scripting
by Ptrace Security
CVE-2010-2063 EXPLOITDB ruby VERIFIED
Samba 3.0.0-3.3.12 - Remote Code Execution via SMB1 Packet Chaining
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
by Metasploit
EIP-2026-119221 EXPLOITDB html VERIFIED
Trend Micro Internet Security Pro 2010 - ActiveX 'extSetOwner()' Remote Code Execution (2)
by Abysssec
EIP-2026-115440 EXPLOITDB text
Intel Video Codecs 5.0 - Remote Denial of Service
by Matthew Bergin
EIP-2026-115242 EXPLOITDB text
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read
by Matthew Bergin
EIP-2026-112250 EXPLOITDB text VERIFIED
smbind 0.4.7 - SQL Injection
by r00t
EIP-2026-111332 EXPLOITDB text VERIFIED
Pligg CMS 1.0.4 - SQL Injection / Cross-Site Scripting
by Bogdan Calin
CVE-2010-3070 EXPLOITDB text VERIFIED
NuSOAP 0.9.5 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
by Bogdan Calin
EIP-2026-100604 EXPLOITDB text VERIFIED
visinia 1.3 - Multiple Vulnerabilities
by Abysssec
CVE-2010-0519 EXPLOITDB python VERIFIED
Apple Mac OS X - Remote Code Execution via Malformed FlashPix SubImage Header
Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value.
by Abysssec
EIP-2026-112979 EXPLOITDB text
vbShout 5.2.2 - Local/Remote File Inclusion
by fred777
EIP-2026-112566 EXPLOITDB text VERIFIED
TBDev 2.0 - Remote File Inclusion / SQL Injection
by Inj3ct0r
EIP-2026-112021 EXPLOITDB text VERIFIED
Shop a la Cart - Multiple Vulnerabilities
by Ariko-Security
CVE-2010-4877 EXPLOITDB text VERIFIED
OneCMS 2.6.1 - Cross-Site Scripting via View Parameter
Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the view parameter.
by anT!-Tr0J4n
CVE-2010-4899 EXPLOITDB text VERIFIED
CMS WebManager-Pro <8.1 - SQL Injection
SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by MustLive
EIP-2026-103835 EXPLOITDB text VERIFIED
Accton-based switches (3com / Dell / SMC / Foundry / EdgeCore) - Backdoor Password
by Edwin Eefting
EIP-2026-100513 EXPLOITDB text VERIFIED
rainbowportal - Multiple Vulnerabilities
by Abysssec
EIP-2026-119216 EXPLOITDB text VERIFIED
TFTPDWIN 0.4.2 - Directory Traversal
by chr1x
EIP-2026-119213 EXPLOITDB text VERIFIED
tftp desktop 2.5 - Directory Traversal
by chr1x
CVE-2010-1297 EXPLOITDB HIGH python VERIFIED
Adobe Flash Player
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
by Abysssec
CVSS 7.8
EIP-2026-115549 EXPLOITDB text VERIFIED
LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities
by LiquidWorm