Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-5227 EXPLOITDB c VERIFIED
Opera <10.62 - Privilege Escalation
Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information.
by Nicolas Krassas
CVE-2010-3131 EXPLOITDB c VERIFIED
Mozilla Firefox < & Thunderbird < & SeaMonkey <3.5.12-3.6.9 <3.0.7-3.1.3 - DLL Hijacking
Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Windows XP allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .htm, .html, .jtx, .mfp, or .eml file.
by Glafkos Charalambous
CVE-2010-3967 EXPLOITDB c
Microsoft Windows Movie Maker 2.6 - Privilege Escalation
Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker (MSWMM) file, aka "Insecure Library Loading Vulnerability."
by TheLeader
EIP-2026-117569 EXPLOITDB c
Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking
by Nicolas Krassas
CVE-2010-3147 EXPLOITDB c
Windows Address Book <6.00.2900.5512 - Privilege Escalation
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143.
by TheLeader
CVE-2010-3142 EXPLOITDB c
Microsoft Office PowerPoint 2007 - RCE
Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file.
by TheLeader
CVE-2010-1797 EXPLOITDB python
iPhone OS - Remote Code Execution via Crafted CFF Opcodes in Embedded Fonts
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.
by Jose Miguel Esparza
CVE-2010-3132 EXPLOITDB c
Adobe Dreamweaver CS5 11.0 build 4916 and 4909 - Untrusted Search Path and DLL Hijacking via Trojan Horse DLL
Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver.
by Glafkos Charalambous
EIP-2026-108169 EXPLOITDB text
Joomla! 1.5 - URL Redirecting
by Mr.MLL
EIP-2026-103999 EXPLOITDB text VERIFIED
Nagios XI - 'users.php' SQL Injection
by Adam Baldwin
CVE-2010-5299 EXPLOITDB ruby VERIFIED
MicroP 0.1.1.1600 - Buffer Overflow
Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file. NOTE: it has been reported that the overflow is in the lpFileName parameter of the CreateFileA function, but the overflow is probably caused by a separate, unnamed function.
by James Fitts
EIP-2026-116427 EXPLOITDB python VERIFIED
Tplayer V1R10 - Denial of Service
by 41.w4r10r
EIP-2026-114838 EXPLOITDB python VERIFIED
Abyssal Metal Player 2.0.9 - Denial of Service
by 41.w4r10r
EIP-2026-109155 EXPLOITDB text
Link CMS - SQL Injection
EIP-2026-108611 EXPLOITDB text VERIFIED
Joomla! Component com_zoomportfolio - SQL Injection
by Chip d3 bi0s
EIP-2026-107351 EXPLOITDB text VERIFIED
Gazelle CMS - Multiple Vulnerabilities
by Sweet
CVE-2010-4882 EXPLOITDB text VERIFIED
Auto CMS 1.6 - Cross-Site Scripting via Sitetitle Parameter
Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter.
by High-Tech Bridge SA
EIP-2026-105180 EXPLOITDB text VERIFIED
AneCMS 1.0/1.3 - 'register/next' SQL Injection
by Sweet
EIP-2026-105177 EXPLOITDB text
AneCMS - '/registre/next' SQL Injection
by Sweet
EIP-2026-104845 EXPLOITDB text
4Images 1.7.8 - Remote File Inclusion
by LoSt.HaCkEr
EIP-2026-100456 EXPLOITDB text VERIFIED
netStartEnterprise 4.0 - SQL Injection
by L1nK
CVE-2009-3129 EXPLOITDB HIGH python
Microsoft Excel 2002 SP3-2007 SP2 - Remote Code Execution via FEATHEADER Record
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."
by anonymous
CVSS 7.8
EIP-2026-115782 EXPLOITDB c
Microsoft Windows - IcmpSendEcho2Ex Interrupting Denial of Service
by l3D
EIP-2026-108648 EXPLOITDB text VERIFIED
Joomla! Component Fabrik - SQL Injection
by Mkr0x
EIP-2026-108610 EXPLOITDB text VERIFIED
Joomla! Component com_zina - SQL Injection
by Th3 RDX