Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-100356 EXPLOITDB text
i-Gallery - Multiple Vulnerabilities
by SONIC
EIP-2026-100207 EXPLOITDB text VERIFIED
ClickGallery Server - SQL Injection
by SONIC
CVE-2010-2847 EXPLOITDB text VERIFIED
InterJoomla ArtForms 2.1b7.2 RC2 - SQL Injection
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php.
by Salvatore Fresta
CVE-2010-2846 EXPLOITDB text VERIFIED
InterJoomla ArtForms (com_artforms) 2.1b7.2 RC2 - Cross-Site Scripting via afmsg Parameter
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php.
by Salvatore Fresta
CVE-2010-2697 EXPLOITDB text VERIFIED
Sijio Community Software - Authenticated Stored Cross-Site Scripting via Blog Title Parameter
Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information.
by Sid3^effects
CVE-2010-2696 EXPLOITDB text VERIFIED
Sijio Community Software - SQL Injection
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.
by Sid3^effects
CVE-2002-0392 EXPLOITDB ruby VERIFIED
Apache HTTP Server 1.3-1.3.24 & 2.0-2.0.36 - DoS & RCE via Chunk-Encoded Request
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Metasploit
CVE-2004-1134 EXPLOITDB ruby VERIFIED
Microsoft w3who.dll - Buffer Overflow via Long Query String
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
by Metasploit
CVE-2005-1348 EXPLOITDB ruby VERIFIED
MailEnable Enterprise < 1.04 and Professional < 1.54 - Remote Code Execution via HTTP Authorization Header
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
by Metasploit
EIP-2026-118633 EXPLOITDB python VERIFIED
Hero DVD Remote 1.0 - Remote Buffer Overflow
by chap0
CVE-2005-0595 EXPLOITDB ruby VERIFIED
BadBlue 2.55 - Remote Code Execution via Long mfcisapicommand Parameter
Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.
by Metasploit
CVE-2008-4193 EXPLOITDB ruby VERIFIED
Alt-N SecurityGateway 1.0.1 - Stack-Based Buffer Overflow via Long Username Parameter
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.
by Metasploit
CVE-2010-1964 EXPLOITDB text VERIFIED
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
by bitform
EIP-2026-117257 EXPLOITDB python VERIFIED
GSM SIM Utility 5.15 - Direct RET Overflow
by chap0
EIP-2026-114372 EXPLOITDB text VERIFIED
Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities
by Andrei Rimsa Alvares
CVE-2010-4986 EXPLOITDB text VERIFIED
Simple Document Management System - SQL Injection
SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
by Sid3^effects
CVE-2010-2698 EXPLOITDB text VERIFIED
Sijio Community Software - Authenticated Cross-Site Scripting via Title Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authenticated users to inject arbitrary web script or HTML via the title parameter when (1) editing a new blog, (2) adding an album, or (3) editing an album. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Sid3^effects
EIP-2026-111833 EXPLOITDB text VERIFIED
RunCMS 2.1 - 'check.php' Cross-Site Scripting
by Andrei Rimsa Alvares
CVE-2010-4992 EXPLOITDB text
Payments Plus 2.1.5 - SQL Injection
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html.
by Sid3^effects
CVE-2010-2848 EXPLOITDB text VERIFIED
InterJoomla ArtForms <2.1b7.2 - Path Traversal
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.
by Salvatore Fresta
EIP-2026-107491 EXPLOITDB text VERIFIED
Green Shop - SQL Injection
by PrinceofHacking
CVE-2010-5002 EXPLOITDB text VERIFIED
Exponent CMS 0.97.0 - Cross-Site Scripting via u Parameter
Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter.
by Andrei Rimsa Alvares
EIP-2026-103686 EXPLOITDB text VERIFIED
Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow / Array Indexing Overflow
by Luigi Auriemma
EIP-2026-102773 EXPLOITDB bash VERIFIED
Altair Engineering PBS Pro 10.x - 'pbs_mom' Insecure Temporary File Creation
by Bartlomiej Balcerek
EIP-2026-101764 EXPLOITDB html
Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Configuration Cross-Site Request Forgery
by kalyanakumar