Php Exploits

1,332 exploits tracked across all sources.

Sort: Activity Stars
CVE-2009-0110 EXPLOITDB php VERIFIED
riotpix < 0.61 - SQL Injection via ForumID Parameter
SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
by cOndemned
EIP-2026-109177 EXPLOITDB php VERIFIED
Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection Vulnerabilities
by darkjoker
CVE-2008-5821 EXPLOITDB php VERIFIED
Apple Safari 3.2 - Denial of Service via Long ALINK Attribute
Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.
by Pr0T3cT10n
EIP-2026-104706 EXPLOITDB php VERIFIED
suPHP 0.7 - 'suPHP_ConfigPath' / 'Safe_Mode()' Restriction Bypass
by Mr.SaFa7
CVE-2008-6919 EXPLOITDB php VERIFIED
TaskDriver < 1.3 - Unauthenticated Authentication Bypass via Auth Cookie
profileedit.php TaskDriver 1.3 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "fook!admin."
by cOndemned
CVE-2008-6853 EXPLOITDB php VERIFIED
AIST NetCat 3.0 and 3.12 - SQL Injection via PollID Parameter
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
by s4avrd0w
CVE-2008-5731 EXPLOITDB php VERIFIED
PGP Desktop 9.0.6 and 9.9.0 - Denial of Service via IOCTL Request
The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP Desktop 9.0.6 build 6060 and 9.9.0 build 397 allows local users to cause a denial of service (system crash) and possibly gain privileges via a certain METHOD_BUFFERED IOCTL request that overwrites portions of memory, related to a "Driver Collapse." NOTE: some of these details are obtained from third party information.
by Evilcry
CVE-2008-5727 EXPLOITDB php VERIFIED
AIST NetCat < 3.12 - SQL Injection via Password Recovery Query String
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string.
by s4avrd0w
CVE-2008-6345 EXPLOITDB php VERIFIED
SolarCMS 0.53.8 and 1.0 - SQL Injection via Forum.php cat Parameter
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information.
by StAkeR
EIP-2026-101037 EXPLOITDB php VERIFIED
Linksys WAG54G v2 Wireless ADSL Router - HTTPd Denial of Service
by r0ut3r
CVE-2008-6752 EXPLOITDB php VERIFIED
ReVou Micro Blogging Twitter Clone Plugin - Unauthenticated Password Change via Direct Request
adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator's password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation.
by G4N0K
EIP-2026-104815 EXPLOITDB php VERIFIED
2532/Gigs 1.2.2 Stable - Remote Command Execution
by StAkeR
EIP-2026-105039 EXPLOITDB php VERIFIED
Aiyoota! CMS - Blind SQL Injection
by Lidloses_Auge
EIP-2026-107003 EXPLOITDB php VERIFIED
EZ Publish < 3.9.5/3.10.1/4.0.1 - 'token' Privilege Escalation
by s4avrd0w
CVE-2008-6844 EXPLOITDB php VERIFIED
eZ Publish < 3.5.6 - Privilege Escalation via Registration Form Parameter Manipulation
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.
by s4avrd0w
CVE-2008-6535 EXPLOITDB php VERIFIED
PayPal eStores - Unauthenticated Administrative Password Change via Direct Request
admin/settings.php in PayPal eStores allows remote attackers to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter.
by G4N0K
CVE-2008-5568 EXPLOITDB php VERIFIED
IPN Pro 3 < 1.44 - Cross-Site Request Forgery via Admin Password Change
Cross-site request forgery (CSRF) vulnerability in admin/settings.php in IPN Pro 3 1.44 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the admin_id, newpass_1, and newpass_2 parameters.
by G4N0K
CVE-2008-5565 EXPLOITDB php VERIFIED
DL PayCart < 1.34 - Cross-Site Request Forgery via Admin Password Change
Cross-site request forgery (CSRF) vulnerability in admin/settings.php in DL PayCart 1.34 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the NewAdmin, NewPass1, and NewPass2 parameters.
by G4N0K
CVE-2008-5567 EXPLOITDB php VERIFIED
Bonza Cart < 1.10 - Cross-Site Request Forgery via Admin Password Change
Cross-site request forgery (CSRF) vulnerability in admin/ad_settings.php in Bonza Cart 1.10 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the NewAdmin, NewPass1, and NewPass2 parameters.
by G4N0K
CVE-2008-6843 EXPLOITDB php VERIFIED
Fantastico De Luxe - Path Traversal via sup3r Parameter
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.
by Super-Crystal
CVE-2008-7074 EXPLOITDB php VERIFIED
i.Scribe 1.88-2.00 - Remote Code Execution via SMTP Server Response Format String
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."
by Alfons Luja
CVE-2008-7075 EXPLOITDB php VERIFIED
Kalptaru Infotech Stararticles - SQL Injection
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information.
by Stack
EIP-2026-113092 EXPLOITDB php VERIFIED
VideoScript 3.0 < 4.1.5.55 - 'Unofficial' Shell Injection
by G4N0K
EIP-2026-113091 EXPLOITDB php VERIFIED
VideoScript 3.0 < 4.0.1.50 - 'Official' Shell Injection
by G4N0K
CVE-2008-5308 EXPLOITDB php VERIFIED
LoveCMS The Simple Forum 3.1d - Unauthenticated Administrator Password Change via Direct Request
The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administrator functions, which allows remote attackers to change the administrator password via a direct request to modules/simpleforum/admin/index.php.
by cOndemned
By Source
All 1,332 Writeup 62,176 Exploitdb 50,123 Nomisec 22,378 Github 3,580 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 475 Gitee 415 Patchapalooza 312
By Language
text 31,432 python 6,549 ruby 6,001 c 3,624 perl 2,849 html 2,074 php 1,332 bash 462 java 370 c++ 259 javascript 228 shell 131 go 73 postscript 25 typescript 25