Exploitdb Exploits
50,095 exploits tracked across all sources.
Ziggurat Farsi CMS - SQL Injection via main.asp grp Parameter
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
by Arash Saadatfar
Microsoft IIS 5.1 on Windows XP SP3 - Directory Authentication Bypass via Crafted Request
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
by Soroush Dalili
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
by S2 Crew
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
by S2 Crew
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
by S2 Crew
Mp3 Digitalbox 2.7.2.0 - '.mp3' Local Stack Overflow (PoC)
by v3n0m
iScripts Socialware 2.2.x - Arbitrary File Upload
by Salvatore Fresta
iScripts CyberMatch 1.0 - SQL Injection
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Salvatore Fresta
Iphone Pointter Social Network - Local File Inclusion
by Sid3^effects
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
by Marcos Garcia & Maximiliano Soler
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)
by Marcos Garcia & Maximiliano Soler
Qualcomm WorldMail 3.0 - Remote Code Execution via Long IMAP Command
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
by Metasploit
Alt-N MDaemon 6.5.2-6.8.5 - Stack-Based Buffer Overflow via Long From Parameter
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.
by Metasploit
RM Downloader 3.1.3 (Windows 7) - Local ASLR + DEP Bypass (SEH)
by Node
Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Local Buffer Overflow
by Madjix
Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)
by Madjix
Windows Vista SP1/SP2 and Server 2008 Gold/SP2 - Use-After-Free in LockProcessByClientId
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability."
by MSRC
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
by John Leitch
By Source