Stack

155 exploits Active since Mar 2006
CVE-2008-5640 EXPLOITDB text WRITEUP
Active Bids 3.5 - SQL Injection
SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2008-2536 EXPLOITDB perl WORKING POC
Yabsoft Advanced Image Hosting Script < 2.1 - SQL Injection
SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter.
CVE-2008-6453 EXPLOITDB text WORKING POC
6rbscript - Path Traversal
Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
CVE-2009-3562 EXPLOITDB text WORKING POC
Xerver - XSS
Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
CVE-2009-2305 EXPLOITDB python WORKING POC
ARD-9808 DVR - DoS
The ARD-9808 DVR card security camera allows remote attackers to cause a denial of service via a long URI composed of //.\ (slash slash dot backslash) sequences.