Exploitdb Exploits
1,269 exploits tracked across all sources.
PHP-Nuke 5.6/6.x News Module - 'index.php' SQL Injection
by frog
Mambo 4.0.12 - Auth Bypass
index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
by Simen Bergo
Phpbb - SQL Injection
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
by David Zentner
Francisco Burzi Php-nuke - SQL Injection
SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module.
by David Zentner
Jelsoft Vbulletin - Numeric Error
member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which causes an error message to be reflected back to the user without quoting, which facilitates cross-site scripting (XSS) and possibly other attacks.
by Sp.IC
Jelsoft vBulletin <3.0 - XSS
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php.
by Sp.IC
TightAuction 3.0 - Info Disclosure
TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.
by frog
Woltlab Burning Board - XSS
Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
by SeazoN
PHP - Path Traversal
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.
by Tozz
Skintech Phpnewsmanager - Path Traversal
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.
by anonymous
Skintech Phpnewsmanager - Path Traversal
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.
by anonymous
Skintech Phpnewsmanager - Path Traversal
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.
by Dave Wilson
Apache - Info Disclosure
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
by Gabriel A Maggiotti
PHP <4.2 - Command Injection
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
by Wojciech Purczynski
Iplanet Web Server - Buffer Overflow
Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.
by Gabriel Maggiotti
Netscape Communicator <4.77 - XSS
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
by Florian Wesch
IIS 4.0-5.0 - Path Traversal
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by BoloTron
Cart32 - Info Disclosure
The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
by CDI
PHP3 - Command Injection
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
by Kristian Koehntopp
By Source