Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-4982 EXPLOITDB text
My Kazaam Address & Contact Organizer - SQL Injection
SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter.
by v3n0m
CVE-2010-2694 EXPLOITDB text
Joomla! com_redshop 1.0 - SQL Injection
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php.
by v3n0m
EIP-2026-108840 EXPLOITDB text
Joomla! Component Rapid-Recipe - Persistent Cross-Site Scripting
by Sid3^effects
EIP-2026-108839 EXPLOITDB text VERIFIED
Joomla! Component Rapid-Recipe - HTML Injection
by Sid3^effects
EIP-2026-108808 EXPLOITDB text
Joomla! Component MySMS - Arbitrary File Upload
by Sid3^effects
EIP-2026-108806 EXPLOITDB text
Joomla! Component MyHome - Blind SQL Injection
by Sid3^effects
EIP-2026-106836 EXPLOITDB text VERIFIED
eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities
by 10n1z3d
EIP-2026-106834 EXPLOITDB html VERIFIED
Elite CMS 1.01 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
CVE-2010-2700 EXPLOITDB text VERIFIED
Edge PHP Clickbank Affiliate Marketplace Script - XSS
Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to inject arbitrary web script or HTML via the search parameter.
by L0rd CrusAd3r
CVE-2010-0361 EXPLOITDB c++
Sun Java System Web Server 7.0 Update 7 - Stack-Based Buffer Overflow via WebDAV OPTIONS Request
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request.
by dmc
EIP-2026-119095 EXPLOITDB html VERIFIED
RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow
by blake
EIP-2026-115870 EXPLOITDB python VERIFIED
MP3 Cutter 1.8 MP3 - File Processing Remote Denial of Service
by Prashant Uniyal
EIP-2026-115869 EXPLOITDB python VERIFIED
MP3 Cutter 1.5 - Denial of Service
by Prashant Uniyal
CVE-2010-3886 EXPLOITDB html VERIFIED
Internet Explorer - Exposure of Sensitive Information via Timer ID Heap Address Leak
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.
by Ruben Santamarta
EIP-2026-114510 EXPLOITDB text VERIFIED
Yappa 3.1.2 - 'yappa.php' Multiple Remote Command Execution Vulnerabilities
by Sn!pEr.S!Te Hacker
EIP-2026-113752 EXPLOITDB text VERIFIED
WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
by Jelmer de Hen
EIP-2026-113749 EXPLOITDB text VERIFIED
WordPress Plugin Firestats - Remote Configuration File Download
by Jelmer de Hen
EIP-2026-112379 EXPLOITDB text VERIFIED
sphider 1.3.5 - Remote File Inclusion
by Li0n-PaL
CVE-2010-2858 EXPLOITDB text VERIFIED
SimpNews < 2.47.03 - Cross-Site Scripting via Layout and Sortorder Parameters
Multiple cross-site scripting (XSS) vulnerabilities in news.php in SimpNews 2.47.03 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) layout and (2) sortorder parameters.
by MustLive
EIP-2026-111705 EXPLOITDB text VERIFIED
Real Estate Manager 1.0.1 - 'index.php' Cross-Site Scripting
by bi0
CVE-2010-2845 EXPLOITDB text
Joomla! com_quickfaq 1.0.3 - SQL Injection
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php.
by RoAd_KiLlEr
EIP-2026-108787 EXPLOITDB text
Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting
by Sid3^effects
EIP-2026-108679 EXPLOITDB text VERIFIED
Joomla! Component IXXO Cart - SQL Injection
by Sid3^effects
EIP-2026-107604 EXPLOITDB text
HoloCMS 9.0.47 - 'news.php' SQL Injection
by GlaDiaT0R
EIP-2026-106550 EXPLOITDB javascript VERIFIED
dotDefender 3.8-5 - Remote Code Execution (via Cross-Site Scripting)
by rAWjAW