Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118484 EXPLOITDB ruby VERIFIED
EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-116102 EXPLOITDB text VERIFIED
Progitek Visionner Photos 2.0 - File Format Denial of Service
by antrhacks
EIP-2026-116078 EXPLOITDB perl VERIFIED
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service
by Rodrigo Escobar
CVE-2010-5075 EXPLOITDB text
Avast! Internet Security <5.0 - DoS
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.
by x90c
EIP-2026-113928 EXPLOITDB text
WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection
by kaMtiEz
EIP-2026-108398 EXPLOITDB text VERIFIED
Joomla! Component com_jigsaw - 'Controller' Directory Traversal
by FL0RiX
EIP-2026-104861 EXPLOITDB text VERIFIED
68KB 1.0.0rc4 - Remote File Inclusion
by eidelweiss
CVE-2009-5026 EXPLOITDB text VERIFIED
MySQL 5.0.x < 5.0.93 and 5.1.x < 5.1.50 - SQL Injection via Executable Comment Feature
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
by Libing Song
CVE-2010-0738 EXPLOITDB MEDIUM ruby VERIFIED
JBoss JMX Console Deployer Upload and Execute
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
by Metasploit
CVSS 5.3
CVE-2010-2008 EXPLOITDB text VERIFIED
MySQL < 5.1.48 - Authenticated Denial of Service via ALTER DATABASE Command
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
by Shane Bester
CVE-2010-2973 EXPLOITDB text VERIFIED
Apple iOS <4.0.2-3.2.2 - Privilege Escalation
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
by jailbreakme
CVE-2010-2860 EXPLOITDB text
EMC Celerra Network Attached Storage - Unauthenticated Arbitrary File Access via NFS Requests
The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.
by Trustwave's SpiderLabs
EIP-2026-101012 EXPLOITDB perl VERIFIED
D-Link WBR-2310 1.0.4 - 'GET' Remote Buffer Overflow (PoC)
by Rodrigo Escobar
EIP-2026-118143 EXPLOITDB perl VERIFIED
WM Downloader 3.1.2.2 - Local Buffer Overflow (1)
by s-dz
EIP-2026-117613 EXPLOITDB python VERIFIED
Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter - Local Stack Buffer Overflow
by Praveen Darshanam
EIP-2026-115474 EXPLOITDB perl VERIFIED
Jaangle 0.98e.971 - Denial of Service
by s-dz
EIP-2026-112275 EXPLOITDB text VERIFIED
SnoGrafx - 'cat.php?cat' SQL Injection
by CoBRa_21
EIP-2026-109770 EXPLOITDB text VERIFIED
MyIT CRM - Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
EIP-2026-109769 EXPLOITDB text VERIFIED
MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
CVE-2010-4945 EXPLOITDB text
Joomla! com_camelcitydb2 2.2 - SQL Injection
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
by Amine_92
EIP-2026-105212 EXPLOITDB text VERIFIED
APT-WEBSHOP-SYSTEM - 'modules.php' SQL Injection
by secret
EIP-2026-119316 EXPLOITDB ruby VERIFIED
Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)
by Ben Schmidt
EIP-2026-101810 EXPLOITDB text VERIFIED
Intellinet IP Camera MNC-L10 - Authentication Bypass
by Magnefikko
CVE-2010-20042 EXPLOITDB HIGH perl VERIFIED
Xion Audio Player <1.0.126 - Buffer Overflow
Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.
by s-dz
CVE-2010-2931 EXPLOITDB html VERIFIED
SigPlus Pro ActiveX Control - Stack-Based Buffer Overflow via LCDWriteString Method
Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method.
by mr_me