Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-4993 EXPLOITDB text
Joomla! com_eventcal <1.6.4 - SQL Injection
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
by RoAd_KiLlEr
EIP-2026-108536 EXPLOITDB text VERIFIED
Joomla! Component com_seyret - Local File Inclusion
by Cooler_ unix
EIP-2026-107966 EXPLOITDB c VERIFIED
iscripts Socialware 2.2.x - Multiple Vulnerabilities
by Salvatore Fresta
EIP-2026-107962 EXPLOITDB text VERIFIED
iScripts MultiCart 2.2 - Multiple SQL Injections
by Salvatore Fresta
EIP-2026-107312 EXPLOITDB text VERIFIED
FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
CVE-2010-4988 EXPLOITDB text
Family Connections Who is Chatting <2.2.3 - RCE
PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter.
by lumut--
EIP-2026-106211 EXPLOITDB html
cPanel 11.25 - Cross-Site Request Forgery (Add FTP Account)
by G0D-F4Th3r
EIP-2026-106210 EXPLOITDB html VERIFIED
cPanel 11.25 - Cross-Site Request Forgery
by G0D-F4Th3r
CVE-2008-0506 EXPLOITDB ruby VERIFIED
Coppermine Photo Gallery < 1.4.14 - Remote Code Execution via ImageMagick Picture Processing Parameters
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.
by Metasploit
CVE-2010-2156 EXPLOITDB python
ISC DHCP 4.0-4.0.2 and 4.1-4.1.1 - Denial of Service via Zero-Length Client ID
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.
by sid
CVE-2001-0797 EXPLOITDB ruby VERIFIED
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by Metasploit
CVE-2005-3252 EXPLOITDB ruby VERIFIED
Snort - Stack-based Buffer Overflow via Back Orifice Preprocessor
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
by Metasploit
CVE-2005-1099 EXPLOITDB ruby VERIFIED
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
by Metasploit
CVE-2000-0917 EXPLOITDB ruby VERIFIED
LPRng 3.6.24 - Remote Code Execution
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
by Metasploit
CVE-2005-2773 EXPLOITDB CRITICAL ruby VERIFIED
HP OpenView Network Node Manager <7.50 - RCE
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
by Metasploit
CVSS 9.8
CVE-2007-5243 EXPLOITDB ruby VERIFIED
InterBase 8.0.0.53-8.1.0.253 & WI 5.1.1.680-8.1.0.257 - Remote Code Execution via Stack Overflow
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
by Metasploit
CVE-2007-5244 EXPLOITDB ruby VERIFIED
Borland InterBase 8.0.0.53-8.1.0.253 - Remote Code Execution via Long Attach Request
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
by Metasploit
CVE-2007-5243 EXPLOITDB ruby VERIFIED
InterBase 8.0.0.53-8.1.0.253 & WI 5.1.1.680-8.1.0.257 - Remote Code Execution via Stack Overflow
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
by Metasploit
CVE-2007-5243 EXPLOITDB ruby VERIFIED
InterBase 8.0.0.53-8.1.0.253 & WI 5.1.1.680-8.1.0.257 - Remote Code Execution via Stack Overflow
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
by Metasploit
CVE-2012-6083 EXPLOITDB HIGH text VERIFIED
freeciv < 2.3.3 - Denial of Service via Crafted Packet
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
by Luigi Auriemma
CVSS 7.5
CVE-2006-5972 EXPLOITDB ruby VERIFIED
NetGear WG111v2 Driver - Stack-Based Buffer Overflow via Long 802.11 Beacon Request
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.
by Metasploit
CVE-2009-4502 EXPLOITDB ruby VERIFIED
Zabbix Agent <1.6.7 - Command Injection
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses.
by Metasploit
CVE-1999-1053 EXPLOITDB ruby VERIFIED
Apache HTTP Server - Remote Command Execution via SSI Closing Sequence Bypass
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
by Metasploit
CVE-2003-0050 EXPLOITDB ruby VERIFIED
Apple Darwin Streaming Administration Server <4.1.2 - RCE
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters.
by Metasploit
CVE-2006-2237 EXPLOITDB ruby VERIFIED
AWStats 6.4-6.5 - Remote Code Execution via Migrate Parameter
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
by Metasploit