Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-109479 EXPLOITDB perl VERIFIED
Mini-CMS / News Script Light 1.0 - Remote File Inclusion
by bd0rk
CVE-2010-4878 EXPLOITDB text VERIFIED
Kontakt Formular 1.1 - Remote Code Execution via script_pfad Parameter
PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.
by bd0rk
EIP-2026-108514 EXPLOITDB text
Joomla! Component com_remository - Arbitrary File Upload
by J3yk0ob
EIP-2026-107686 EXPLOITDB html VERIFIED
Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
CVE-2010-4884 EXPLOITDB text VERIFIED
Gaestebuch 1.2 - Remote Code Execution via script_pfad Parameter
PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.
by bd0rk
EIP-2026-106114 EXPLOITDB text VERIFIED
CompuCMS - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-105281 EXPLOITDB text VERIFIED
Atomic Photo Album 1.0.2 - Multiple Vulnerabilities
by sh00t0ut
CVE-2010-3073 EXPLOITDB text VERIFIED
EncFS < 1.7.0 - Information Disclosure via SSL_Cipher.cpp Header Construction
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
by Micha Riser
CVE-2010-3146 EXPLOITDB c
Microsoft Groove 2007 SP2 - Privilege Escalation
Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or Groove Tool Archive (.gta) file, aka "Microsoft Groove Insecure Library Loading Vulnerability."
by Beenu Arora
CVE-2010-3143 EXPLOITDB c VERIFIED
Microsoft Windows Contacts - Untrusted Search Path and DLL Hijacking via Trojan Horse wab32res.dll
Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.
by storm
EIP-2026-119346 EXPLOITDB c VERIFIED
Acunetix Web Vulnerability Scanner - DLL Loading Arbitrary Code Execution
by Kolor
CVE-2007-5067 EXPLOITDB ruby VERIFIED
iMatix Xitami Web Server 2.5c2 - Remote Code Execution via Long If-Modified-Since Header
Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitrary code via a long If-Modified-Since header to (1) xigui32.exe or (2) xitami.exe.
by Metasploit
EIP-2026-118959 EXPLOITDB ruby VERIFIED
NetTransport Download Manager 2.90.510 - Remote Buffer Overflow (Metasploit)
by Metasploit
CVE-2006-4688 EXPLOITDB ruby VERIFIED
Microsoft Windows <SP1 - Buffer Overflow
Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."
by Metasploit
CVE-2006-2370 EXPLOITDB ruby VERIFIED
Windows 2000 and 2003 Server - Remote Code Execution via RRAS RPC Request
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."
by Metasploit
CVE-2003-0344 EXPLOITDB ruby VERIFIED
Microsoft Internet Explorer <6.0 - RCE
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
by Metasploit
CVE-2006-1255 EXPLOITDB ruby VERIFIED
Mercur Messaging 5.0 SP3 - Buffer Overflow
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
by Metasploit
CVE-2009-4769 EXPLOITDB ruby VERIFIED
httpdx <1.5 - Remote Code Execution
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component.
by Metasploit
CVE-2009-4769 EXPLOITDB ruby VERIFIED
httpdx <1.5 - Remote Code Execution
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifiers in a PWD command to the FTP server component.
by Metasploit
CVE-2009-3837 EXPLOITDB ruby VERIFIED
Eureka Email 2.2q - Remote Code Execution via Long POP3 Error Message
Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 servers to execute arbitrary code via a long error message.
by Metasploit
EIP-2026-118402 EXPLOITDB perl
Deepin TFTP Server 1.25 - Directory Traversal
by demonalex
EIP-2026-118326 EXPLOITDB c VERIFIED
Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Executions
by storm
CVE-2010-3129 EXPLOITDB text VERIFIED
uTorrent <= 2.0.3 - DLL Hijacking via Trojan Horse DLL in Torrent File Directory
Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.
by Dr_IDE
CVE-2010-3124 EXPLOITDB text
VLC Media Player < 1.1.3 - Untrusted Search Path and DLL Hijacking via wintab32.dll
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.
by Secfence
CVE-2010-3130 EXPLOITDB c VERIFIED
TechSmith Snagit 10.x-11.x - Untrusted Search Path and DLL Hijacking via dwmapi.dll
Untrusted search path vulnerability in TechSmith Snagit all versions 10.x and 11.x allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a snag, snagcc, or snagprof file.
by Encrypt3d.M!nd