Exploitdb Exploits
50,095 exploits tracked across all sources.
VideoLAN VLC Media Player < 1.1.4 - '.xspf smb://' URI Handling Remote Stack Overflow (PoC)
by s-dz
PHP Classifieds Ads - SQL Injection
SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter.
by h4ck3r
PHP Classifieds 7.3 - Remote Code Execution via lang_path Parameter
PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter.
by alsa7r
mBlogger 1.0.04 - 'addcomment.php' Persistent Cross-Site Scripting
by Ptrace Security
Samba 3.0.0-3.3.12 - Remote Code Execution via SMB1 Packet Chaining
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
by Metasploit
Trend Micro Internet Security Pro 2010 - ActiveX 'extSetOwner()' Remote Code Execution (2)
by Abysssec
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read
by Matthew Bergin
Pligg CMS 1.0.4 - SQL Injection / Cross-Site Scripting
by Bogdan Calin
NuSOAP 0.9.5 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
by Bogdan Calin
Apple Mac OS X - Remote Code Execution via Malformed FlashPix SubImage Header
Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value.
by Abysssec
TBDev 2.0 - Remote File Inclusion / SQL Injection
by Inj3ct0r
OneCMS 2.6.1 - Cross-Site Scripting via View Parameter
Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the view parameter.
by anT!-Tr0J4n
CMS WebManager-Pro <8.1 - SQL Injection
SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by MustLive
Accton-based switches (3com / Dell / SMC / Foundry / EdgeCore) - Backdoor Password
by Edwin Eefting
Adobe Flash Player
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
by Abysssec
CVSS 7.8
LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities
by LiquidWorm
By Source