PHP Exploits

1,334 exploits tracked across all sources.

CVE-2008-0461 EXPLOITDB php VERIFIED
Francisco Burzi Php-nuke < 8.0_final - SQL Injection
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of these details are obtained from third party information.
by RST/GHC
CVE-2007-1107 EXPLOITDB php VERIFIED
Coppermine Photo Gallery <1.4 - SQL Injection
SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote authenticated users to execute arbitrary SQL commands via a cpg131_fav cookie. NOTE: it was later reported that 1.4.10, 1.4.14, and other 1.4.x versions are also affected using similar cookies.
by bazik
CVE-2008-0504 EXPLOITDB php VERIFIED
Coppermine-gallery Coppermine Photo Gallery < 1.4.14 - SQL Injection
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php.
by bazik
CVE-2008-0358 EXPLOITDB php VERIFIED
Pixelpost - SQL Injection
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter.
by Silentz
CVE-2008-0382 EXPLOITDB php VERIFIED
Mybulletinboard - Code Injection
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
by Silentz
CVE-2008-7153 EXPLOITDB php VERIFIED
Docebo <3.5.0.3 - SQL Injection
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command.
by rgod
CVE-2008-0350 EXPLOITDB php VERIFIED
Evilsentinel < 1.0.9 - Access Control
admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
by BlackHawk
CVE-2008-0351 EXPLOITDB php VERIFIED
Evilsentinel < 1.0.9 - Authentication Bypass
admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php.
by BlackHawk
CVE-2008-0282 EXPLOITDB php VERIFIED
Domphp < 0.81 - SQL Injection
SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter.
by j0j0
CVE-2008-7153 EXPLOITDB php VERIFIED
Docebo <3.5.0.3 - SQL Injection
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command.
by EgiX
CVE-2008-0245 EXPLOITDB php VERIFIED
Uploadscript Uploadimage - Access Control
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
by Dj7xpl
CVE-2008-0246 EXPLOITDB php VERIFIED
Uploadscript Uploadimage - Access Control
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
by Dj7xpl
CVE-2008-7154 EXPLOITDB php VERIFIED
Docebo <3.5.0.3 - Info Disclosure
Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class.conf_cms.php, (6) lib/lib.compose.php, (7) modules/chat/teleskill.php, or (8) class/class.admin_menu_cms.php in doceboCms/; which reveals the installation path in an error message.
by EgiX
CVE-2005-3365 EXPLOITDB php VERIFIED
Codeworx Technologies Dcp-portal - SQL Injection
Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via (1) the name parameter in register.php, (2) the email parameter in lostpassword.php, (3) the year parameter in calendar.php, and the (4) cid parameter to index.php. NOTE: the mid parameter for forums.php is already associated with CVE-2005-0454. NOTE: the index.php/cid vector was later reported to affect 6.11.
by x0kster
CVE-2008-7203 EXPLOITDB php VERIFIED
Valve Software Half-Life Counter-Strike 1.6 - DoS
Valve Software Half-Life Counter-Strike 1.6 allows remote attackers to cause a denial of service (crash) via multiple crafted login packets.
by Eugene Minaev
CVE-2008-0133 EXPLOITDB php VERIFIED
Thomas Perez Tribisur < 2.1 - SQL Injection
Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action.
by x0kster
CVE-2008-0129 EXPLOITDB php VERIFIED
Siteatschool < 2.3.10 - SQL Injection
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter.
by EgiX
EIP-2026-108929 EXPLOITDB php VERIFIED
jPORTAL 2.3.1 & UserPatch - 'forum.php' Remote Code Execution
by irk4z
CVE-2007-6622 EXPLOITDB php VERIFIED
ZeusCMS <0.3 - SQL Injection
SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
by EgiX
CVE-2007-6623 EXPLOITDB php VERIFIED
ZeusCMS <0.3 - Path Traversal
Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to list arbitrary directories via a full pathname in the dir parameter.
by EgiX
CVE-2007-6550 EXPLOITDB php VERIFIED
PMOS Help Desk <2.4 - Code Injection
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
by EgiX
EIP-2026-108937 EXPLOITDB php VERIFIED
Jupiter 1.1.5ex - Privilege Escalation
by BugReport.IR
EIP-2026-106305 EXPLOITDB php VERIFIED
CuteNews 1.4.5 - Admin Password md5 Hash Fetching
by waraxe
CVE-2007-6561 EXPLOITDB php VERIFIED
PDFLib - Buffer Overflow
Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors.
by poplix
CVE-2007-6533 EXPLOITDB php VERIFIED
Zoom Player <6.00 beta 2 - RCE
Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message.
by Luigi Auriemma