Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116391 EXPLOITDB text VERIFIED
TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities
by Luigi Auriemma
EIP-2026-116373 EXPLOITDB text VERIFIED
Sysax Multi Server < 5.25 (SFTP Module) - Multiple Denial of Service Vulnerabilities
by leinakesi
CVE-2003-0201 EXPLOITDB ruby VERIFIED
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
by Metasploit
EIP-2026-112041 EXPLOITDB text VERIFIED
Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-111869 EXPLOITDB text VERIFIED
SaffaTunes CMS - 'news.php' Multiple SQL Injections
by Th3 RDX
EIP-2026-111868 EXPLOITDB text VERIFIED
Saffa Tunes CMS - 'news.php' SQL Injection
by Th3 RDX
EIP-2026-111237 EXPLOITDB html VERIFIED
PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery
by Jeremiah Talamantes
EIP-2026-110351 EXPLOITDB html VERIFIED
osCMax 2.0 - 'articles.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-109810 EXPLOITDB text VERIFIED
myUPB 2.2.6 - Multiple Vulnerabilities
by ALTBTA
CVE-2010-2456 EXPLOITDB text
linker_img < 1.0 - Path Traversal via cook_lan Cookie Parameter
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
by Sn!pEr.S!Te Hacker
EIP-2026-108733 EXPLOITDB text
Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting Vulnerabilities
by jdc
EIP-2026-108406 EXPLOITDB text VERIFIED
Joomla! Component com_jomestate - Remote File Inclusion
by Sid3^effects
EIP-2026-108313 EXPLOITDB text
Joomla! Component com_community - Persistent Cross-Site Scripting
by Sid3^effects
CVE-2010-2463 EXPLOITDB text VERIFIED
Jamroom < 4.1.9 - Cross-Site Scripting via Forum Post ID Parameter
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.
by High-Tech Bridge SA
CVE-2010-2438 EXPLOITDB text VERIFIED
laubrotel g.cms_generator - SQL Injection via Lang Parameter
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
by Sid3^effects
EIP-2026-105122 EXPLOITDB text VERIFIED
Alpin CMS 1.0 - SQL Injection
by Th3 RDX
CVE-2003-0201 EXPLOITDB ruby VERIFIED
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
by Metasploit
EIP-2026-104402 EXPLOITDB text VERIFIED
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
by Pouya Daneshmand
CVE-2010-2433 EXPLOITDB text VERIFIED
IBM WebSphere ILOG JRules 6.7 - Cross-Site Scripting via RTS URL to explore.jsp, compose.jsp, or home.jsp
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.
by IBM
EIP-2026-118650 EXPLOITDB text VERIFIED
HTTP 1.1 - GET Directory Traversal
by chr1x
CVE-2010-2439 EXPLOITDB perl VERIFIED
MoreAmp - Stack-based Buffer Overflow via Long Line in Song List File
Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long line in a song list (.maf file).
by Madjix
EIP-2026-112146 EXPLOITDB text VERIFIED
SimpleAssets - Authentication Bypass / Cross-Site Scripting
by L0rd CrusAd3r
CVE-2010-2460 EXPLOITDB text VERIFIED
JCE-Tech Shareasale Script 1 - SQL Injection via merchant_id Parameter
SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter.
by L0rd CrusAd3r
EIP-2026-110659 EXPLOITDB text VERIFIED
PHP Calendars Script - SQL Injection
by L0rd CrusAd3r
CVE-2010-2461 EXPLOITDB text VERIFIED
JCE-Tech Overstock 1 - SQL Injection via Store Parameter
SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter.
by L0rd CrusAd3r