Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108221 EXPLOITDB text
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections
by Salvatore Fresta
EIP-2026-100578 EXPLOITDB text VERIFIED
T-dreams Announcement Script - SQL Injection
by Br0wn Sug4r
CVE-2009-0565 EXPLOITDB python
Microsoft Office Word 2000 SP3, 2002 SP3, 2007 SP1-SP2 - Remote Code Execution via Malformed Record
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability."
by anonymous
EIP-2026-116075 EXPLOITDB python VERIFIED
PlayPad Music Player 1.12 - '.mp3' Denial of Service
by Praveen Darshanam
EIP-2026-115500 EXPLOITDB perl VERIFIED
Karaoke Video Creator 2.2.8 - Denial of Service
by PASSEWORD
EIP-2026-115109 EXPLOITDB python VERIFIED
Crystal Player 1.98 - '.mls' Buffer Overflow
by Praveen Darshanam
EIP-2026-114954 EXPLOITDB python VERIFIED
AV Music Morpher Gold 5.0.38 - '.m3u' Denial of Service
by b0telh0
EIP-2026-108343 EXPLOITDB text VERIFIED
Joomla! Component com_extcalendar - Blind SQL Injection
by Lagripe-Dz
CVE-2010-3683 EXPLOITDB text VERIFIED
Oracle MySQL 5.1 < 5.1.49 and 5.5 < 5.5.5 - Authenticated Denial of Service via LOAD DATA INFILE
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
by Elena Stepanova
CVE-2010-3679 EXPLOITDB text VERIFIED
Oracle MySQL 5.1 - Authenticated Denial of Service via BINLOG Command
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
by Shane Bester
CVE-2010-3681 EXPLOITDB text VERIFIED
Oracle MySQL 5.1 < 5.1.49 and 5.5 < 5.5.5 - Authenticated Denial of Service via HANDLER Interface
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
by Matthias Leich
CVE-2010-3682 EXPLOITDB text VERIFIED
MySQL < 5.1.49 and < 5.0.92 - Authenticated Denial of Service via EXPLAIN with Crafted SELECT UNION ORDER BY
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
by Bjorn Munch
EIP-2026-116433 EXPLOITDB perl VERIFIED
Tuniac 100723 - Denial of Service
by d4rk-h4ck3r
EIP-2026-116270 EXPLOITDB text
SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow
by Nikolas Sotiriu
EIP-2026-115241 EXPLOITDB perl VERIFIED
Fennec 1.2 Beta 3 - Denial of Service
by d4rk-h4ck3r
EIP-2026-112973 EXPLOITDB text
vbbuletin 4.0.4 - Multiple Vulnerabilities
by mc2_s3lector
EIP-2026-112534 EXPLOITDB text VERIFIED
Syntax Highlighter 3.0.83 - 'index.html' HTML Injection
by indoushka
CVE-2010-2544 EXPLOITDB text VERIFIED
Cacti < 0.8.7g - Cross-Site Scripting via Filter Parameter
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
by Marc Schoenefeld
CVE-2010-3680 EXPLOITDB text VERIFIED
Oracle MySQL 5.1 - Authenticated Denial of Service via Temporary Table Creation with Nullable Columns
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
by Boris Reisig
CVE-2010-3202 EXPLOITDB html VERIFIED
Flock Browser 3.0.0.3989 - Cross-Site Scripting via Crafted Bookmark
Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 allows remote attackers to inject arbitrary web script or HTML via a crafted bookmark.
by Lostmon
EIP-2026-103172 EXPLOITDB text VERIFIED
Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
by Adam Baldwin
CVE-2010-2693 EXPLOITDB c VERIFIED
FreeBSD 7.1-8.1-PRERELEASE - Denial of Service and Privilege Escalation via sendfile System Call
FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.
by kingcope
EIP-2026-118518 EXPLOITDB text VERIFIED
Enemy Territory: Quake Wars 1.5.12642.33243 - Remote Buffer Overflow
by Luigi Auriemma
EIP-2026-116697 EXPLOITDB python VERIFIED
A-PDF WAV to MP3 1.0.0 - Universal Local (SEH)
by Dr_IDE
EIP-2026-116475 EXPLOITDB perl VERIFIED
VbsEdit 4.6.1.0 - Denial of Service
by C.G. Tan