Exploitdb Exploits
50,095 exploits tracked across all sources.
Campsite CMS 3.4.0 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
Asterisk Recording Interface 0.7.15/0.10 - Multiple Vulnerabilities
by TurboBorland
libpam-modules <1.1.0-2ubuntu1.1/1.1.1-2ubuntu5 - Privilege Escalation
pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "user file stamps" and the motd.legal-notice file.
by anonymous
libtiff - Denial of Service via Malformed TIFF File
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
by Tom Lane
TomatoCMS 2.0.6 - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password.
by 10n1z3d
TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting
by John Leitch
Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery
by 10n1z3d
Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
CSSTidy 1.3 - 'css_optimiser.php' Cross-Site Scripting
by John Leitch
CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload
by John Leitch
CMS Made Simple Module Antz Toolkit 1.02 - Arbitrary File Upload
by John Leitch
CMS Made Simple 1.8 - 'default_cms_lang' Local File Inclusion
by John Leitch
Mac's CMS 1.1.4 - 'SearchString' Cross-Site Scripting
by 10n1z3d
My Kazaam Notes Management System - SQL Injection
SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box.
by L0rd CrusAd3r
Edge PHP Clickbank Affiliate Marketplace Script - SQL Injection
SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter.
by L0rd CrusAd3r
Sillaj time tracking tool - Authentication Bypass
by L0rd CrusAd3r
PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Blind SQL Injection (Benchmark Mode)
by yawn
My Kazaam Notes Management System - XSS
Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box.
by L0rd CrusAd3r
By Source