Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-2932 EXPLOITDB html VERIFIED
BarCodeWiz BarCode 3.29 ActiveX Control - Buffer Overflow via LoadProperties Method
Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method.
by Dr_IDE
EIP-2026-116618 EXPLOITDB perl VERIFIED
Xmyplay 3.5.1 - Denial of Service
by s-dz
EIP-2026-108553 EXPLOITDB text VERIFIED
Joomla! Component com_spielothek 1.6.9 - Multiple Blind SQL Injections
by Salvatore Fresta
EIP-2026-106119 EXPLOITDB text VERIFIED
Concept E-Commerce - SQL Injection
by gendenk
CVE-2010-2932 EXPLOITDB html VERIFIED
BarCodeWiz BarCode 3.29 ActiveX Control - Buffer Overflow via LoadProperties Method
Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method.
by loneferret
EIP-2026-115049 EXPLOITDB perl VERIFIED
ChordPulse 1.4 - Denial of Service
by Madjix
CVE-2010-2932 EXPLOITDB html VERIFIED
BarCodeWiz BarCode 3.29 ActiveX Control - Buffer Overflow via LoadProperties Method
Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method.
by loneferret
EIP-2026-112356 EXPLOITDB text VERIFIED
Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-117287 EXPLOITDB perl VERIFIED
HTML Email Creator 2.42 build 718 - Local Buffer Overflow (SEH)
by Madjix
EIP-2026-113405 EXPLOITDB text VERIFIED
Whizzy CMS 10.02 - Local File Inclusion
by Anarchy Angel
EIP-2026-108543 EXPLOITDB text VERIFIED
Joomla! Component com_SimpleShop - SQL Injection
by UnD3rGr0unD W4rri0rZ
EIP-2026-108475 EXPLOITDB text VERIFIED
Joomla! Component com_pbbooking 1.0.4_3 - Multiple Blind SQL Injections
by Salvatore Fresta
EIP-2026-108276 EXPLOITDB text VERIFIED
Joomla! Component com_beamospetition - SQL Injection
by Forza-Dz
CVE-2010-10017 EXPLOITDB HIGH python VERIFIED
WM Downloader 3.1.2.2 - Buffer Overflow
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user.
by fdiskyou
EIP-2026-119239 EXPLOITDB python VERIFIED
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
by Karn Ganeshen & corelanc0d3r
EIP-2026-119183 EXPLOITDB c
Symantec Ams Intel Alert Handler Service - Design Flaw
by Spider
EIP-2026-118196 EXPLOITDB text
Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Local Privilege Escalation
by th_decoder
CVE-2008-2938 EXPLOITDB c VERIFIED
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Directory Traversal via Encoded URI Sequences
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
by mywisdom
EIP-2026-112388 EXPLOITDB text VERIFIED
SPIP 2.1 - 'var_login' Cross-Site Scripting
by dotsafe.fr
EIP-2026-109975 EXPLOITDB text
nuBuilder - Remote File Inclusion
by Ahlspiess
EIP-2026-108482 EXPLOITDB text VERIFIED
Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections
by Salvatore Fresta
EIP-2026-105791 EXPLOITDB text VERIFIED
Cetera eCommerce - Multiple SQL Injections
by MustLive
EIP-2026-105789 EXPLOITDB text VERIFIED
Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
by MustLive
CVE-2010-2933 EXPLOITDB text
AV Scripts AV Arcade 3 - SQL Injection
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task.
by saudi0hacker
CVE-2010-2785 EXPLOITDB text VERIFIED
KVIrc 3.x-4.x - Authenticated Arbitrary CTCP Command Execution via Backslash Handling
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
by unic0rn