Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116194 EXPLOITDB perl VERIFIED
RockN Wav Editor 1.8 - Denial of Service
by d4rk-h4ck3r
EIP-2026-115406 EXPLOITDB python VERIFIED
httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
by Dr_IDE
CVE-2007-2447 EXPLOITDB ruby VERIFIED
Samba 3.0.0-3.0.25rc3 - Command Injection
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.
by Metasploit
EIP-2026-110243 EXPLOITDB php
Open-Realty 2.5.7 - Local File Disclosure
by Nikola Petrov
EIP-2026-108330 EXPLOITDB text VERIFIED
Joomla! Component com_dirfrm - Multiple SQL Injections
by Hieuneo
EIP-2026-104660 EXPLOITDB text
PHP 5.3.3 - 'ibase_gen_id()' Off-by-One Overflow
by Canberk BOLAT
CVE-2010-3742 EXPLOITDB text VERIFIED
Free Simple CMS 1.0 - Remote Code Execution via Meta or PHPINCDIR Parameter
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307.
by Dr.$audi
CVE-2009-3103 EXPLOITDB text
Windows Vista and Server 2008 - Remote Code Execution via SMBv2 Negotiate Protocol Request
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
by Piotr Bania
EIP-2026-118488 EXPLOITDB ruby VERIFIED
EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-118033 EXPLOITDB python VERIFIED
Triologic Media Player 8 - '.m3u' Universal Unicode Local Buffer Overflow (SEH)
by Glafkos Charalambous
EIP-2026-116698 EXPLOITDB perl VERIFIED
A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Local Stack Buffer Overflow
by d4rk-h4ck3r
EIP-2026-115784 EXPLOITDB text VERIFIED
Microsoft Windows - Win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks
by Tavis Ormandy
CVE-2010-1887 EXPLOITDB text VERIFIED
Microsoft Windows 2003 Server - Improper Input Validation
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Win32k Bounds Checking Vulnerability."
by Tavis Ormandy
CVE-2010-1890 EXPLOITDB text VERIFIED
Windows 7, Windows Server 2008, and Windows Vista - Denial of Service via Kernel Object ACL Validation
The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate ACLs on kernel objects, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Improper Validation Vulnerability."
by Tavis Ormandy
CVE-2010-1888 EXPLOITDB text VERIFIED
Windows XP SP3 - Local Privilege Escalation via Thread Creation Race Condition
Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."
by Tavis Ormandy
CVE-2010-1889 EXPLOITDB HIGH text VERIFIED
Windows Vista SP1-SP2 & Server 2008 Gold-SP2 - Local Privilege Escalation via Kernel Error
Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2, allows local users to gain privileges via a crafted application, related to object initialization during error handling, aka "Windows Kernel Double Free Vulnerability."
by Tavis Ormandy
CVSS 7.8
EIP-2026-115008 EXPLOITDB python
Brazip 9.0 - '.zip' Buffer Overflow (SEH)
by ITSecTeam
CVE-2010-4298 EXPLOITDB text VERIFIED
Free Simple Software 1.0 - SQL Injection via downloads_id Parameter
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
by Dr.$audi
CVE-2010-3324 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 8 - Auth Bypass
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.
by Mario Heiderich
EIP-2026-118217 EXPLOITDB text VERIFIED
123 FlashChat 7.8 - Multiple Vulnerabilities
by Lincoln
EIP-2026-117655 EXPLOITDB python VERIFIED
MUSE 4.9.0.006 - '.pls' Universal Local Buffer Overflow (SEH)
by Glafkos Charalambous
EIP-2026-117654 EXPLOITDB python VERIFIED
MUSE 4.9.0.006 - '.m3u' Local Buffer Overflow
by Glafkos Charalambous
EIP-2026-116591 EXPLOITDB python VERIFIED
Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow
by Praveen Darshanam
EIP-2026-108461 EXPLOITDB text VERIFIED
Joomla! Component com_ongallery - SQL Injection
by al bayraqim
EIP-2026-108397 EXPLOITDB text VERIFIED
Joomla! Component com_jgrid 1.0 - Local File Inclusion
by Salvatore Fresta