Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105999 EXPLOITDB text VERIFIED
CMS Source - Multiple Input Validation Vulnerabilities
by High-Tech Bridge SA
EIP-2026-119569 EXPLOITDB text
PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion
by LoSt.HaCkEr
CVE-2007-0038 EXPLOITDB ruby VERIFIED
Microsoft Windows 2000 SP4 through Vista - Remote Code Execution via Animated Cursor RIFF File
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.
by Metasploit
EIP-2026-117462 EXPLOITDB python VERIFIED
Mediacoder 0.7.5.4710 - 'Universal' Local Buffer Overflow (SEH)
by Dr_IDE
EIP-2026-116271 EXPLOITDB python VERIFIED
Sonique 2.0 - '.xpl' Remote Stack Buffer Overflow
by Hamza_hack_dz & Black-liondz1
EIP-2026-115478 EXPLOITDB python VERIFIED
JaMP Player 4.2.2.0 - Denial of Service
by Oh Yaw Theng
EIP-2026-115064 EXPLOITDB python VERIFIED
CombiWave Lite 4.0.1.4 - Denial of Service
by Oh Yaw Theng
CVE-2009-3252 EXPLOITDB text VERIFIED
Dave Robinson Rockbandcms - SQL Injection
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters.
by Affix
EIP-2026-104300 EXPLOITDB html
Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)
by KOLTN S
EIP-2026-104073 EXPLOITDB text VERIFIED
ServletExec - Directory Traversal / Authentication Bypass
by Stefano Di Paola
EIP-2026-102470 EXPLOITDB text VERIFIED
Computer Associates Oneview Monitor 6.0 - 'doSave.jsp' Remote Code Execution
by Giorgio Fedon
EIP-2026-119047 EXPLOITDB text VERIFIED
Portable Document Format - Specification Signature Collision
by Florian Zumbiehl
EIP-2026-118487 EXPLOITDB python VERIFIED
EasyFTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflows
by Glafkos Charalambous
EIP-2026-117463 EXPLOITDB python VERIFIED
Mediacoder 0.7.5.4710 - Local Buffer Overflow
by anonymous
EIP-2026-116185 EXPLOITDB python VERIFIED
RightMark Audio Analyzer 6.2.3 - Denial of Service
by Oh Yaw Theng
EIP-2026-115801 EXPLOITDB python
Microsoft Windows Live Messenger 14.0.8117 - Animation Remote Denial of Service
by TheLeader
EIP-2026-114826 EXPLOITDB python VERIFIED
Abac Karaoke 2.15 - Denial of Service
by Oh Yaw Theng
CVE-2010-4943 EXPLOITDB text
Saurus CMS 4.7.0 - Remote Code Execution via Class Path Parameter
Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php.
by LoSt.HaCkEr
EIP-2026-111134 EXPLOITDB text
phpMUR - Remote File Disclosure
by Offensive
EIP-2026-109741 EXPLOITDB text VERIFIED
MybbCentral TagCloud 2.0 - 'Topic' HTML Injection
by 3ethicalhackers.com
EIP-2026-109031 EXPLOITDB text VERIFIED
KnowledgeTree 3.5.2 Community Edition - Persistent Cross-Site Scripting
by fdiskyou
CVE-2010-4924 EXPLOITDB text
clearBudget 0.9.8 - Remote Code Execution via actionPath Parameter
PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party
by Offensive
EIP-2026-102455 EXPLOITDB text
Apache JackRabbit 2.0.0 - webapp XPath Injection
by ADEO Security
EIP-2026-119162 EXPLOITDB html VERIFIED
SopCast 3.2.9 - Remote Command Execution
by sud0
EIP-2026-119094 EXPLOITDB html VERIFIED
RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray
by Madjix