Exploitdb Exploits

1,269 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-0133 EXPLOITDB php VERIFIED
Thomas Perez Tribisur < 2.1 - SQL Injection
Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action.
by x0kster
CVE-2008-0129 EXPLOITDB php VERIFIED
Siteatschool < 2.3.10 - SQL Injection
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter.
by EgiX
EIP-2026-108929 EXPLOITDB php VERIFIED
jPORTAL 2.3.1 & UserPatch - 'forum.php' Remote Code Execution
by irk4z
CVE-2007-6622 EXPLOITDB php VERIFIED
ZeusCMS <0.3 - SQL Injection
SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
by EgiX
CVE-2007-6623 EXPLOITDB php VERIFIED
ZeusCMS <0.3 - Path Traversal
Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to list arbitrary directories via a full pathname in the dir parameter.
by EgiX
CVE-2007-6550 EXPLOITDB php VERIFIED
PMOS Help Desk <2.4 - Code Injection
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
by EgiX
EIP-2026-108937 EXPLOITDB php VERIFIED
Jupiter 1.1.5ex - Privilege Escalation
by BugReport.IR
EIP-2026-106305 EXPLOITDB php VERIFIED
CuteNews 1.4.5 - Admin Password md5 Hash Fetching
by waraxe
CVE-2007-6561 EXPLOITDB php VERIFIED
PDFLib - Buffer Overflow
Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors.
by poplix
CVE-2007-6533 EXPLOITDB php VERIFIED
Zoom Player <6.00 beta 2 - RCE
Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message.
by Luigi Auriemma
CVE-2007-6457 EXPLOITDB php VERIFIED
SurgeMail 38k4 - Buffer Overflow
Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to cause a denial of service (crash) via a long Host header.
by rgod
CVE-2007-6414 EXPLOITDB php VERIFIED
Adult Script <1.6 - Auth Bypass
admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.
by Liz0ziM
CVE-2007-6202 EXPLOITDB php VERIFIED
Neocrome Seditio CMS <121 - SQL Injection
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
by InATeam
CVE-2007-1718 EXPLOITDB php VERIFIED
PHP <5.2.1 - CRLF Injection
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.
by Stefan Esser
EIP-2026-111827 EXPLOITDB php VERIFIED
RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite
by BugReport.IR
CVE-2007-6082 EXPLOITDB php VERIFIED
Sciurus Hosting Panel - Code Injection
Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php.
by Liz0ziM
CVE-2007-6083 EXPLOITDB php VERIFIED
IceBB 1.0-rc6 - SQL Injection
SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
by Gu1ll4um3r0m41n
CVE-2007-6000 EXPLOITDB php VERIFIED
KDE Konqueror <3.5.6 - DoS
KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters.
by laurent gaffie
CVE-2007-5913 EXPLOITDB php VERIFIED
JBC Explorer <7.20 RC1 - RCE
dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which allows remote attackers to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name and password for JBC Explorer via the login and password parameters.
by DarkFig
CVE-2007-5914 EXPLOITDB php VERIFIED
JBC Explorer <7.20 RC1 - Code Injection
Direct static code injection vulnerability in dirsys/modules/config/post.php in JBC Explorer 7.20 RC1 and earlier allows remote authenticated administrators to inject arbitrary PHP code via the DEBUG parameter, which can be executed by accessing config.inc.php. NOTE: this can be exploited by unauthenticated remote attackers by leveraging CVE-2007-5913.
by DarkFig
CVE-2007-5653 EXPLOITDB php VERIFIED
Php < 5.2.4 - OS Command Injection
The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related to the com_load_typelib function.
by shinnai
CVE-2007-5643 EXPLOITDB php VERIFIED
Lussumo Vanilla < 1.1.3 - SQL Injection
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
by InATeam
CVE-2007-5644 EXPLOITDB php VERIFIED
Lussumo Vanilla < 1.1.3 - Access Control
Lussumo Vanilla 1.1.3 and earlier does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote attackers to conduct unauthorized sort operations and other activities.
by InATeam
CVE-2007-5447 EXPLOITDB php VERIFIED
Ioncube Php Encoder - Access Control
ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function.
by shinnai
CVE-2007-5452 EXPLOITDB php VERIFIED
Php-stats - SQL Injection
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
by EgiX
By Source
All 1,269 Exploitdb 50,150 Writeup 46,624 Nomisec 21,124 Metasploit 3,189 Github 2,234 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,343 ruby 5,920 python 5,756 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 246 shell 68 go 41 postscript 25 xml 24