Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105693 EXPLOITDB text VERIFIED
Calendarix - 'cal_cat.php' SQL Injection
by SixP4ck3r
EIP-2026-104018 EXPLOITDB html
Opera Browser 10.60 - Clickjacking
by Pouya Daneshmand
EIP-2026-104003 EXPLOITDB html VERIFIED
Netscape Browser 9.0.0.6 - Clickjacking
by Pouya Daneshmand
EIP-2026-103859 EXPLOITDB html
Apple Safari 4.0.2 - Clickjacking
by Pouya Daneshmand
CVE-2010-5081 EXPLOITDB perl VERIFIED
Mini-Stream RM-MP3 Converter 3.1.2.1 - Buffer Overflow
Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file.
by Madjix
EIP-2026-119344 EXPLOITDB text VERIFIED
ActiTime 2.0-MA - Cross-Site Request Forgery
by Markot
CVE-2007-3614 EXPLOITDB ruby VERIFIED
SAP DB - Remote Code Execution via Stack-Based Buffer Overflow in waHTTP.exe
Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields."
by Metasploit
CVE-2006-4777 EXPLOITDB ruby VERIFIED
Internet Explorer 6.0 SP1 - Buffer Overflow
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
by Metasploit
EIP-2026-116085 EXPLOITDB python VERIFIED
Power/Personal FTP Server - RETR Denial of Service
by antrhacks
EIP-2026-115372 EXPLOITDB text VERIFIED
Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow (PoC)
by shinnai
EIP-2026-111481 EXPLOITDB text VERIFIED
Pre Web Host System - Authentication Bypass
by D4rk357
EIP-2026-111479 EXPLOITDB text VERIFIED
Pre SoftClones Marketing Management System - Authentication Bypass
by D4rk357
CVE-2010-4959 EXPLOITDB text VERIFIED
Pre Projects Pre Podcast Portal - SQL Injection
SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter.
by D4rk357
EIP-2026-111472 EXPLOITDB text VERIFIED
Pre E-Smart Cart - Authentication Bypass
by D4rk357
EIP-2026-111471 EXPLOITDB text VERIFIED
Pre Dynamic Institution - Web Authentication Bypass
by D4rk357
EIP-2026-107510 EXPLOITDB text VERIFIED
Group Office - Remote Command Execution
by ADEO Security
EIP-2026-107509 EXPLOITDB text VERIFIED
Group Office - 'comment_id' SQL Injection
by Canberk BOLAT
CVE-2010-2906 EXPLOITDB text VERIFIED
ScriptsFeed & BrotherScripts - SQL Injection
SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-2905.
by k4k4shi
CVE-2010-2777 EXPLOITDB text VERIFIED
Novell GroupWise <7.0-8.0 - Buffer Overflow
Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command.
by Francis Provencher
EIP-2026-113404 EXPLOITDB text VERIFIED
Whizzy CMS 10.01 - Local File Inclusion
by Anarchy Angel
EIP-2026-112392 EXPLOITDB text VERIFIED
Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery
by Nijel the Destroyer
EIP-2026-112357 EXPLOITDB text VERIFIED
Sourcefabric Campsite Articles - HTML Injection
by D4rk357
EIP-2026-111330 EXPLOITDB text VERIFIED
Pligg CMS 1.0.4 - 'search.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-111305 EXPLOITDB html VERIFIED
Pixie 1.0.4 - HTML Injection / Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-111236 EXPLOITDB text VERIFIED
PHPWCMS 1.4.5 - 'PHPwcms.php' Cross-Site Scripting
by High-Tech Bridge SA