Exploitdb Exploits
50,095 exploits tracked across all sources.
Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
PHP Joke Site Software - 'sbjoke_id' SQL Injection
by h4ck3r
dompdf 0.6.0 beta1 - Remote Code Execution via input_file Parameter
PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter.
by Andre_Corleone
ArtGK CMS - Cross-Site Scripting / HTML Injection
by High-Tech Bridge SA
Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
Novell Netware 6.5 - OpenSSH Remote Stack Overflow
by Francis Provencher
Web-Ideas Web Shop Standard - SQL Injection
by Ariko-Security
mBlogger 1.0.04 - SQL Injection via viewpost.php postID Parameter
SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter.
by Ptrace Security
JE FAQ Pro 1.5.0 - SQL Injection
Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action.
by Chip d3 bi0s
HP Insight Diagnostics Online Edition <8.5.0-11 - XSS
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Mr Teatime
HP Insight Diagnostics Online Edition <8.5.0-11 - XSS
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Mr Teatime
HP Insight Diagnostics Online Edition <8.5.0-11 - XSS
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Mr Teatime
HP Insight Diagnostics Online Edition <8.5.0-11 - XSS
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Mr Teatime
HP Insight Diagnostics Online Edition <8.5.0-11 - XSS
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Mr Teatime
UltraVNC 1.0.8.2 - DLL Loading Arbitrary Code Execution
by Ivan Markovic
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by Metasploit
Mereo 1.9.2 - Remote HTTP Server Denial of Service
by CwG GeNiuS
Apple QuickTime - Remote Code Execution via Untrusted Pointer Unmarshalling
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
by Ruben Santamarta
Seagull 0.6.7 - Remote File Inclusion via Multiple Parameters
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/pear/DB/NestedSet.php, and the (4) path parameter to fog/lib/pear/DB/NestedSet/Output.php.
by FoX HaCkEr
com_picsell 1.0 - Path Traversal via dflink Parameter
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.
by Craw
SnackAmp 3.1.2 - '.wav' Buffer Overflow (PoC)
by James Fitts
By Source