Exploitdb Exploits
2,809 exploits tracked across all sources.
Aardvark Topsites PHP <= 4.2.2 - Remote File Inclusion via CONFIG[path] Parameter
PHP remote file inclusion vulnerability in sources/lostpw.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CONFIG[path] parameter, as demonstrated by including a GIF that contains PHP code.
by cijfer
Invision Power Board 2.1.5 - 'search.php' Remote Code Execution
by Javier Olascoaga
phpBB Advanced Guestbook <2.4.0 - RCE
PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
by n0m3rcy
phpBB TopList < 1.3.8 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
by FOX_MULDER
bl4 smtp_server < 0.1.4 - Buffer Overflow via Long EHLO/MAIL FROM/RCPT TO Arguments
Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the (1) EHLO, (2) MAIL FROM, and (3) RCPT TO commands.
by Dedi Dwianto
Invision Power Board <2.1.x-2.0.x - RCE
action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e" (execute) modifier.
by RusH
Oc 3121/3122 Printer - Denial of Service via Long Request
parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (crash or reboot) via a long request, possibly triggering a buffer overflow.
by sh4d0wman
FlexBB 0.5.5 - SQL Injection via id Parameter
SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php.
by Devil-00
MyGamingLadder 7.0 - Remote File Inclusion via stats.php dir[base] Parameter
PHP remote file inclusion vulnerability in stats.php in MyGamingLadder 7.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir[base] parameter.
by nukedx
Symantec Scan Engine <5.1.0.7 - Privilege Escalation
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
by Marc Bevand
Simplog < 0.9.3 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter in (a) preview.php; the (2) cid, (3) pid, and (4) eid parameters in (b) archive.php; and the (5) pid parameter in (c) comments.php.
by nukedx
CoreNews < 2.0.1 - SQL Injection via Icon ID or User ID Parameter
Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) icon_id and (2) userid parameters in preview.php.
by nukedx
PHP Net Tools 2.7.1 - Command Injection
nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter.
by FOX_MULDER
Internet Photoshow 1.3 - Remote File Inclusion via Page Parameter
PHP remote file inclusion vulnerability in index.php in Internet Photoshow 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
by Hessam-x
FlexBB < 0.5.5 - SQL Injection via flexbb_username Cookie Parameter
SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter.
by Devil-00
SimpleBBS 1.0.6-1.1 - Remote Code Execution via Language Cookie Traversal
Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via ".." sequences in the language cookie, as demonstrated by by injecting the code into the gl_session cookie of users.php, which is stored in error.log.
by rUnViRuS
quizz 1.01 - 'quizz.pl' Remote Command Execution
by FOX_MULDER
Censtore < 7.3.002 - Remote Code Execution via Page Parameter
censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
by FOX_MULDER
Sphider 1.3 - Remote Code Execution via settings_dir Parameter
PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings_dir parameter.
by rgod
phpBB 2.0.19 - 'user_sig_bbcode_uid' Remote Code Execution
by RusH
Eric Gerdes Crafty Syntax Image Gallery <3.1g - SQL Injection
SQL injection vulnerability in slides.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to execute arbitrary SQL commands via the limitquery_s parameter when the $projectid variable is less than 1, which prevents the $limitquery_s from being set within slides.php.
by undefined1_
xine-lib - Buffer Overflow via Crafted MPEG Stream
Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream.
by Federico L. Bossi Bonin
By Source