Exploitdb Exploits
50,095 exploits tracked across all sources.
EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)
by Metasploit
Progitek Visionner Photos 2.0 - File Format Denial of Service
by antrhacks
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service
by Rodrigo Escobar
Avast! Internet Security <5.0 - DoS
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.
by x90c
WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection
by kaMtiEz
Joomla! Component com_jigsaw - 'Controller' Directory Traversal
by FL0RiX
MySQL 5.0.x < 5.0.93 and 5.1.x < 5.1.50 - SQL Injection via Executable Comment Feature
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
by Libing Song
JBoss JMX Console Deployer Upload and Execute
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
by Metasploit
CVSS 5.3
MySQL < 5.1.48 - Authenticated Denial of Service via ALTER DATABASE Command
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
by Shane Bester
Apple iOS <4.0.2-3.2.2 - Privilege Escalation
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
by jailbreakme
EMC Celerra Network Attached Storage - Unauthenticated Arbitrary File Access via NFS Requests
The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.
by Trustwave's SpiderLabs
D-Link WBR-2310 1.0.4 - 'GET' Remote Buffer Overflow (PoC)
by Rodrigo Escobar
Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter - Local Stack Buffer Overflow
by Praveen Darshanam
MyIT CRM - Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
Joomla! com_camelcitydb2 2.2 - SQL Injection
SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
by Amine_92
Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)
by Ben Schmidt
Intellinet IP Camera MNC-L10 - Authentication Bypass
by Magnefikko
Xion Audio Player <1.0.126 - Buffer Overflow
Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.
by s-dz
SigPlus Pro ActiveX Control - Stack-Based Buffer Overflow via LCDWriteString Method
Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method.
by mr_me
By Source