Exploitdb Exploits
2,809 exploits tracked across all sources.
Pentacle In-Out Board <= 3.0 - SQL Injection via newsid or password Parameter
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
by nukedx
phpWebSite <= 0.10.2 - SQL Injection via Topic Parameter
SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.
by SnIpEr_SA
Windows Media Player 9-10 - Remote Code Execution via Long EMBED src Attribute
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.
by Matthew Murphy
devscripts admbook < 1.2.2 - Remote Code Execution via X-Forwarded-For Header Injection
Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php.
by rgod
Mini-Nuke CMS < 1.8.2 - SQL Injection via pages.asp id Parameter
SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: version 2.3 was later reported to be vulnerable as well.
by nukedx
Gravity Board X <1.1 - Code Injection
Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file.
by RusH
YapBB 1.2 - 'cfgIncludeDirectory' Remote Command Execution
by cijfer
MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injections
by HACKERS PAL
Fortinet FortiGate 2.8 - Auth Bypass
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
by Mathieu Dessus
Half-Life CSTRIKE Dedicated Server < 1.6_linux - Authenticated Denial of Service via Backslash in Connection String
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.
by Firestorm
Invision Power Board 2.0.1 - Denial of Service via User Registration
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.
by SkOd
Dale Ray MyQuiz 1.01 - Command Injection
myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.
by Hessam-x
Kinesphere Corporation eXchange POP3 Server - Buffer Overflow via Long RCPT TO Argument
Buffer overflow in the POP3 server in Kinesphere Corporation eXchange before 5.0.060125 allows remote attackers to execute arbitrary code via a long RCPT TO argument.
by securma massine
Dragoran Portal module 1.3 - SQL Injection via Site Parameter
SQL injection vulnerability index.php in Dragoran Portal module 1.3 for Invision Power Board (IPB) allows remote attackers to execute arbitrary SQL commands via the site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by SkOd
xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution
by cijfer
Sami FTP Server 2.0.1 - Stack-Based Buffer Overflow via Long USER Command
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
by Critical Security
phpclanwebsite 1.23.1 - SQL Injection via Forum Post Par Parameter
SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.1 allows remote attackers to execute arbitrary SQL commands via the (1) par parameter in the post function on the forum page and possibly the (2) poll_id parameter on the poll page. NOTE: the poll_id vector can also allow resultant cross-site scripting (XSS) from an unquoted error message for invalid SQL syntax.
by matrix_killer
CRE Loaded 6.15 - Privilege Escalation
CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to files.php. NOTE: the vendor states "The initial announcement of this risk was made on our website... and it included a patch which will close the vulnerability on all known 6.0x and 6.1x releases. We strongly encourage users of CRE Loaded 6.x, osCMax, and other users of osCommerce who have installed HTMLArea based WYSIWYG editors and Admin Access with Levels to modify thier installations at the earliest possible moment."
by kaneda
ezDatabase 2.0 and earlier - Remote Code Execution via db_id Parameter
Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.
by cijfer
RCBlog 1.0.3 - 'index.php' Directory Traversal
by Aliaksandr Hartsuyeu
By Source