Exploitdb Exploits
2,009 exploits tracked across all sources.
aimstats 3.2 - Remote Code Execution via Number Parameter in Update Action
Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.
by Dj7xpl
aimstats < 3.2 - Remote Code Execution via Database Host Parameter
Static code injection vulnerability in process.php in AimStats 3.2 and earlier allows remote attackers to inject PHP code into config.php via the databasehost parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Dj7xpl
toendaCMS 1.5.3 - Cross-Site Scripting via Searchword Parameter
Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search id.
by Hanno Boeck
Roxio CinePlayer 3.2 - Remote Code Execution via Long Property Values or Method Arguments
Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.
by Carsten Eiram
CodeBreak < 1.1.2 - Remote Code Execution via process_method Parameter
PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the process_method parameter.
by John Martinelli
Nickolas Grigoriadis MiniWebsvr 0.0.6 - Path Traversal
Directory traversal vulnerability in Nickolas Grigoriadis Mini Web server (MiniWebsvr) 0.0.6 allows remote attackers to list the directory immediately above the web root via a ..%00 sequence in the URI.
by shinnai
Gran Paradiso 3.0a3 - Non-Existent applet Denial of Service
by shinnai
DeskPro 2.0.1 - Cross-Site Scripting via Username Parameter
Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
by John Martinelli
WF-Snippets < 1.02 - SQL Injection via index.php c Parameter
SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action.
by ajann
phpMyNewsletter 0.6.10 - Remote File Inclusion via Customize.php l Parameter
PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter.
by frog-m@n
Mutant 0.9.2 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in mutant_functions.php in the Mutant 0.9.2 portal for phpBB 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by bd0rk
xoops_popnupblog < 2.52 - SQL Injection via postid Parameter
SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the postid parameter, possibly involving the get_blogid_from_postid function in class/PopnupBlogUtils.php. NOTE: later versions such as 3.03 and 3.05 might also be affected.
by ajann
Wf-sections < 1.07 - SQL Injection
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via the articleid parameter to print.php.
by ajann
HP Instant Support - Driver Check < 1.5.0.3 - Remote Code Execution via HPSDDX ActiveX queryHub Function
Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function.
by John Heasman
RM+Soft Gallery 1.0 - SQL Injection via idcat Parameter
SQL injection vulnerability in categos.php in the RM+Soft Gallery (rmgallery) 1.0 module for Xoops allows remote attackers to execute arbitrary SQL commands via the idcat parameter.
by ajann
debaser < 0.92 - SQL Injection via genreid Parameter
SQL injection vulnerability in genre.php in the debaser 0.92 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the genreid parameter.
by ajann
lykos_reviews_module 1.00 - SQL Injection via uid Parameter
SQL injection vulnerability in index.php in the Lykos Reviews (lykos_reviews) 1.00 module for Xoops allows remote attackers to execute arbitrary SQL commands via the uid parameter in a u action.
by ajann
ActSoft DVD-Tools - Buffer Overflow
Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.
by Umesh Wanve
Ay System Solutions Web Content System 2.7.1 - Remote File Inclusion via formjavascript.php
PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutions Web Content System (WCS) 2.7.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter.
by kezzap66345
DesignForJoomla.com D4J eZine < 2.8 - SQL Injection via Article Parameter
SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action.
by ajann
Microsoft Internet Explorer 6 - Denial of Service via ADODB.Recordset NextRecordset Method
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating a ADODB.Recordset object and making a series of calls to the NextRecordset method with a long string argument, which causes an "invalid memory access" in the SysFreeString function, a different issue than CVE-2006-3510 and CVE-2006-3899.
by anonymous
eWebQuiz 8 - SQL Injection via QuizID Parameter
SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizID parameter.
by ajann
eWebquiz 8 - SQL Injection via QuizType Parameter
SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007-1706.
by ajann
Active Newsletter < 4.3 - SQL Injection via NewsPaperID Parameter
SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsPaperID parameter.
by ajann
WordPress < 2.0.10 RC2 and < 2.1.3 RC2 - Authenticated Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.
by Alexander Concha
By Source