Exploitdb Exploits

1,269 exploits tracked across all sources.

CVE-2007-3313 EXPLOITDB php VERIFIED
Efstratios Geroulis Jasmine Cms - SQL Injection
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the login_username parameter to login.php or (2) the item parameter to news.php.
by Silentz
CVE-2007-3307 EXPLOITDB php VERIFIED
Solar Empire < 2.9.1.1 - SQL Injection
SQL injection vulnerability in game_listing.php in Solar Empire 2.9.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
by BlackHawk
CVE-2007-3272 EXPLOITDB php VERIFIED
Minibb - Path Traversal
Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter in a register action.
by Dj7xpl
CVE-2007-3214 EXPLOITDB php VERIFIED
E-vision Cms < 2.02 - SQL Injection
SQL injection vulnerability in style.php in e-Vision CMS 2.02 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the template parameter.
by Silentz
CVE-2007-3251 EXPLOITDB php VERIFIED
E-vision Cms < 2.02 - Path Traversal
Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and earlier allow remote attackers to (1) include and execute arbitrary local files via a .. (dot dot) in the adminlang cookie to admin/functions.php or (2) read arbitrary local files via the img parameter to admin/show_img.php.
by Silentz
CVE-2007-3096 EXPLOITDB php VERIFIED
Pblang < 4.67.16.a - Path Traversal
Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
by Silentz
CVE-2007-3082 EXPLOITDB php VERIFIED
Sendcard < 3.4.1 - Path Traversal
Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sc_language parameter.
by Silentz
CVE-2007-3052 EXPLOITDB php VERIFIED
Postnuke Software Foundation Pnphpbb < 1.2i - SQL Injection
SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows remote attackers to execute arbitrary SQL commands via the c parameter.
by Kacper
CVE-2007-3138 EXPLOITDB php VERIFIED
Open Solution Quick.cart < 2.2 - Path Traversal
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an sLanguage cookie, which is used to define a value in config/general.php.
by Kacper
CVE-2007-3139 EXPLOITDB php VERIFIED
Quick.Cart <2.2 - RCE
config/general.php in Quick.Cart 2.2 and earlier uses a default username and password, which allows remote attackers to access the application via a login action to admin.php. NOTE: this can be leveraged to upload and execute arbitrary code.
by Kacper
CVE-2007-3051 EXPLOITDB php VERIFIED
Revokesoft Revokebb < 1.0_rc4 - SQL Injection
SQL injection vulnerability in inc/class_users.php in RevokeSoft RevokeBB 1.0 RC4 and earlier allows remote attackers to execute arbitrary SQL commands via the revokebb_user cookie.
by BlackHawk
CVE-2007-3065 EXPLOITDB php VERIFIED
Particle Soft Particle Gallery - SQL Injection
SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862.
by Silentz
CVE-2007-2872 EXPLOITDB php VERIFIED
PHP <5.2.3 & <4.4.8 - Buffer Overflow
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
by Gerhard Wagner
EIP-2026-110581 EXPLOITDB php VERIFIED
Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass
by Silentz
CVE-2007-2985 EXPLOITDB php VERIFIED
Pheap - Access Control
Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arbitrary PHP code via an update_doc action in edit.php.
by Silentz
CVE-2007-2988 EXPLOITDB php VERIFIED
Inout Meta Search Engine - Code Injection
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/create_engine.php followed by a request to admin/generate_tabs.php.
by BlackHawk
CVE-2007-2935 EXPLOITDB php VERIFIED
Fundanemt <2.2.0.1 - Command Injection
core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter.
by Kacper
CVE-2007-2971 EXPLOITDB php VERIFIED
Greg Neustaetter Gcards < 1.46 - SQL Injection
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
by Silentz
CVE-2007-2890 EXPLOITDB php VERIFIED
cpCommerce <1.1.0 - SQL Injection
SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter.
by Kacper
CVE-2007-2899 EXPLOITDB php VERIFIED
NavBoard 2.6.0 - Code Injection
Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote attackers to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action.
by Dj7xpl
CVE-2007-2814 EXPLOITDB php VERIFIED
Pegasus ImagN' ActiveX control 4.00.041 - Buffer Overflow
Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified vectors involving the (2) BeginReport, (3) CreatePictureExA, (4) DefineImage, (5) DefineImageEx, (6) DefineImageFox, (7) CopyBufToClipExA, (8) LoadEx, (9) LoadFox, and other functions.
by rgod
CVE-2007-2821 EXPLOITDB php VERIFIED
WordPress <2.2 - SQL Injection
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter.
by waraxe
CVE-2007-2777 EXPLOITDB php VERIFIED
AlstraSoft Template Seller Pro <3.25 - RCE
Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/.
by BlackHawk
CVE-2007-2776 EXPLOITDB php VERIFIED
AlstraSoft Template Seller Pro <3.25 - Auth Bypass
AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject a credential variable setting and obtain administrative access via a direct request to admin/changeinfo.php.
by BlackHawk
CVE-2007-2775 EXPLOITDB php VERIFIED
AlstraSoft Live Support <1.21 - Open Redirect
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request to admin/managesettings.php.
by BlackHawk