Exploitdb Exploits

1,269 exploits tracked across all sources.

CVE-2006-1645 EXPLOITDB php VERIFIED
ReloadCMS <1.2.5 - XSS
Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by admin/modules/general/statistic.php in the administration panel.
by rgod
CVE-2006-1596 EXPLOITDB php VERIFIED
Claroline <1.7.4 - RCE
PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter.
by rgod
CVE-2006-1595 EXPLOITDB php VERIFIED
Claroline <1.7.4 - XSS
Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in Claroline 1.7.4 and earlier allows remote attackers to read arbitrary files via ".." sequences in the file parameter in a rqEditHtml command.
by rgod
CVE-2006-1594 EXPLOITDB php VERIFIED
Claroline <1.7.4 - Path Traversal
Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier allow remote attackers to use ".." (dot dot) sequences to (1) read arbitrary files via the file parameter in a rqEditHtml command to document/rqmkhtml.php or (2) execute arbitrary code via the includePath parameter to learnPath/include/scormExport.inc.php.
by rgod
EIP-2026-111349 EXPLOITDB php VERIFIED
Plogger Beta 2.1 - Administrative Credentials Disclosure
by rgod
CVE-2006-1495 EXPLOITDB php VERIFIED
PHPCollab 2.4-2.5.rc3, NetOffice 2.5.3-pl1-2.6.0b2 - SQL Injection
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
by rgod
EIP-2026-106301 EXPLOITDB php VERIFIED
CuteNews 1.4.1 - 'function.php' Local File Inclusion
by Hamid Ebadi
CVE-2006-1480 EXPLOITDB php VERIFIED
WebAlbum 2.02 - Path Traversal
Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter.
by rgod
CVE-2006-1371 EXPLOITDB php VERIFIED
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 - Authenticated RCE
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
by rgod
CVE-2006-1363 EXPLOITDB php VERIFIED
Justin White FreeWPS 2.11 - RCE
images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file.
by x128
CVE-2006-1347 EXPLOITDB php VERIFIED
gCards <1.45 - SQL Injection
SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
by rgod
CVE-2006-1346 EXPLOITDB php VERIFIED
gCards <1.45 - Path Traversal
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
by rgod
CVE-2006-1348 EXPLOITDB php VERIFIED
gCards <1.45 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.
by rgod
CVE-2006-1164 EXPLOITDB php VERIFIED
Nodez <4.6.1.1 - Info Disclosure
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat.
by rgod
CVE-2006-1291 EXPLOITDB php VERIFIED
PHP iCalendar <2.21 - RCE
publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and a trailing null character.
by rgod
CVE-2006-1292 EXPLOITDB php VERIFIED
PHP iCalendar <2.21 - Path Traversal
Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
by rgod
CVE-2006-1224 EXPLOITDB php VERIFIED
GuppY 4.5.11 - Path Traversal
Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." (mixed encoding) in the pg parameter.
by trueend5
CVE-2006-1140 EXPLOITDB php VERIFIED
RedBLoG 0.5 - SQL Injection
SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
by x128
CVE-2006-1219 EXPLOITDB php VERIFIED
Gallery <2.0.3 - Path Traversal
Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
by rgod
EIP-2026-110905 EXPLOITDB php VERIFIED
PHP-Stats 0.1.9.1 - Remote Command Execution
by rgod
CVE-2006-0899 EXPLOITDB php VERIFIED
4images Image Gallery Management System < 1.7.1 - Path Traversal
Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.
by rgod
CVE-2006-1001 EXPLOITDB php VERIFIED
Lansuite Lanparty Intranet System - SQL Injection
SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter.
by x128
CVE-2006-0891 EXPLOITDB php VERIFIED
Nocc - Path Traversal
Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing NULL (%00) byte in (1) the _SESSION['nocc_theme'] parameter in (a) html/footer.php; and (2) the lang and (3) theme parameters and the (4) Accept-Language HTTP header field, when force_default_lang is disabled, in (b) index.php, as demonstrated by injecting PHP code into a profile and accessing it using the lang parameter in index.php.
by rgod
EIP-2026-109946 EXPLOITDB php VERIFIED
Noahs Classifieds 1.3 - 'lowerTemplate' Remote Code Execution
by trueend5
CVE-2006-0851 EXPLOITDB php VERIFIED
Ilch.de Ilchclan - SQL Injection
SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, when creating a newpost.
by x128