Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-4989 EXPLOITDB text
Ziggurat Farsi CMS - SQL Injection via main.asp grp Parameter
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
by Arash Saadatfar
CVE-2010-2731 EXPLOITDB text VERIFIED
Microsoft IIS 5.1 on Windows XP SP3 - Directory Authentication Bypass via Crafted Request
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
by Soroush Dalili
CVE-2010-1553 EXPLOITDB python VERIFIED
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
by S2 Crew
CVE-2010-1554 EXPLOITDB python VERIFIED
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
by S2 Crew
CVE-2010-1555 EXPLOITDB python VERIFIED
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
by S2 Crew
EIP-2026-115871 EXPLOITDB perl VERIFIED
Mp3 Digitalbox 2.7.2.0 - '.mp3' Local Stack Overflow (PoC)
by v3n0m
EIP-2026-111393 EXPLOITDB text
Pointter Social Network - Local File Inclusion
by Sid3^effects
EIP-2026-108535 EXPLOITDB text
Joomla! Component com_seyret - Blind SQL Injection
by RoAd_KiLlEr
EIP-2026-107965 EXPLOITDB c VERIFIED
iScripts Socialware 2.2.x - Arbitrary File Upload
by Salvatore Fresta
EIP-2026-107957 EXPLOITDB text VERIFIED
iScripts EasyBiller - Cross-Site Scripting
by Sangteamtham
CVE-2010-4983 EXPLOITDB text VERIFIED
iScripts CyberMatch 1.0 - SQL Injection
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Salvatore Fresta
EIP-2026-107947 EXPLOITDB text
Iphone Pointter Social Network - Local File Inclusion
by Sid3^effects
EIP-2026-105486 EXPLOITDB text VERIFIED
Bit Weaver 2.7 - Local File Inclusion
by John Leitch
EIP-2026-104510 EXPLOITDB text VERIFIED
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
by Marcos Garcia & Maximiliano Soler
EIP-2026-103343 EXPLOITDB text VERIFIED
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)
by Marcos Garcia & Maximiliano Soler
EIP-2026-100597 EXPLOITDB text VERIFIED
VGM Forbin - 'article.asp' SQL Injection
by Th3 RDX
EIP-2026-100441 EXPLOITDB text VERIFIED
MooreAdvice - 'productlist.asp' SQL Injection
by Th3 RDX
CVE-2005-4267 EXPLOITDB ruby VERIFIED
Qualcomm WorldMail 3.0 - Remote Code Execution via Long IMAP Command
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
by Metasploit
CVE-2003-1200 EXPLOITDB ruby VERIFIED
Alt-N MDaemon 6.5.2-6.8.5 - Stack-Based Buffer Overflow via Long From Parameter
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.
by Metasploit
EIP-2026-117871 EXPLOITDB perl VERIFIED
RM Downloader 3.1.3 (Windows 7) - Local ASLR + DEP Bypass (SEH)
by Node
EIP-2026-117612 EXPLOITDB perl VERIFIED
Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Local Buffer Overflow
by Madjix
EIP-2026-117461 EXPLOITDB perl VERIFIED
Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)
by Madjix
EIP-2026-116342 EXPLOITDB python VERIFIED
Sumatra PDF 1.1 - Denial of Service
by Azim Poonawala
CVE-2010-2549 EXPLOITDB text VERIFIED
Windows Vista SP1/SP2 and Server 2008 Gold/SP2 - Use-After-Free in LockProcessByClientId
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability."
by MSRC
EIP-2026-113426 EXPLOITDB text VERIFIED
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
by John Leitch