MustLive

110 exploits Active since Dec 2005
CVE-2009-3444 EXPLOITDB text WRITEUP
e107 < 0.7.16 - Cross-Site Scripting via HTTP Referer Header
Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header in a news.1 (aka news to email) action.
EIP-2026-106360 EXPLOITDB text WORKING POC
Dataface 1.0 - 'admin.php' Cross-Site Scripting
CVE-2010-4899 EXPLOITDB text WRITEUP
CMS WebManager-Pro <8.1 - SQL Injection
SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-4053 EXPLOITDB text WRITEUP
coWiki 0.3.4 - Cross-Site Scripting via q Parameter
Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter, as demonstrated using 26.html.
EIP-2026-106170 EXPLOITDB text WORKING POC
CorePlayer - 'callback' Cross-Site Scripting
EIP-2026-106004 EXPLOITDB text WRITEUP
CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection
EIP-2026-105907 EXPLOITDB text WRITEUP
ClickCMS - Denial of Service / CAPTCHA Bypass
EIP-2026-105791 EXPLOITDB text WRITEUP
Cetera eCommerce - Multiple SQL Injections
EIP-2026-105790 EXPLOITDB text WORKING POC
Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections
EIP-2026-105789 EXPLOITDB text WORKING POC
Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
EIP-2026-105788 EXPLOITDB text WRITEUP
Cetera eCommerce - 'banner.php' Cross-Site Scripting
CVE-2008-0190 EXPLOITDB text WORKING POC
AwesomeTemplateEngine XSS via data[title], data[message], data[table][1][item], data[table][1][url], or data[poweredby]
Multiple cross-site scripting (XSS) vulnerabilities in templates/example_template.php in AwesomeTemplateEngine allow remote attackers to inject arbitrary web script or HTML via the (1) data[title], (2) data[message], (3) data[table][1][item], (4) data[table][1][url], or (5) data[poweredby] parameter.
EIP-2026-105252 EXPLOITDB text WORKING POC
ARTIS ABTON CMS - Multiple SQL Injections
EIP-2026-105338 EXPLOITDB text WORKING POC
AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-104508 EXPLOITDB text WRITEUP
XAMPP 1.6.x - 'showcode.php' Local File Inclusion
EIP-2026-104499 EXPLOITDB text WRITEUP
WordPress Plugin TYPO3 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
EIP-2026-104251 EXPLOITDB text WORKING POC
Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Cross-Site Scripting
EIP-2026-103936 EXPLOITDB text WORKING POC
IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities
EIP-2026-103933 EXPLOITDB text WORKING POC
IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities
CVE-2009-2352 EXPLOITDB text WRITEUP
Google Chrome <= 1.0.154.48 - Cross-Site Scripting via Refresh Header
Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312. NOTE: it was later reported that 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta are also affected.
EIP-2026-104178 EXPLOITDB text WORKING POC
B-Cumulus - 'tagcloud' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-104165 EXPLOITDB text WORKING POC
Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting
EIP-2026-104154 EXPLOITDB text WRITEUP
Aibolit - Information Disclosure
EIP-2026-104145 EXPLOITDB text WORKING POC
(Multiple Products) - 'banner.swf' Cross-Site Scripting
EIP-2026-104133 EXPLOITDB text WORKING POC
XAMPP 1.6.x - Multiple Cross-Site Scripting Vulnerabilities