Exploitdb Exploits
31,329 exploits tracked across all sources.
Event Calendar Category Script - SQL Injection
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
by Ihsan Sencan
CVSS 9.8
Entrepreneur Job Portal Script - SQL Injection
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
by Ihsan Sencan
CVSS 9.8
Entrepreneur Dating Script - SQL Injection
Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.
by Ihsan Sencan
CVSS 9.8
E-commerce Mlm Software - SQL Injection
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
by Ihsan Sencan
CVSS 9.8
Domainsale Php Script - SQL Injection
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
by Ihsan Sencan
CVSS 9.8
Doctor Search Script - SQL Injection
Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
Consumer Complaints Clone Script - SQL Injection
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
by Ihsan Sencan
CVSS 9.8
Co-work Space Search Script - SQL Injection
Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
Cms Auditor Website - SQL Injection
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
by Ihsan Sencan
CVSS 9.8
Kindergarten - Elementary School Listing Script - SQL Injection
Child Care Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
Chartered Accountant Booking Script - SQL Injection
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
by Ihsan Sencan
CVSS 9.8
Cab Booking Script - SQL Injection
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.
by Ihsan Sencan
CVSS 9.8
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
by SEC Consult
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
by SEC Consult
Wireshark <2.4.3 & <2.2.11 - DoS
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
by Wireshark
CVSS 7.5
Resolver Perspective - Improper Privilege Management
Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms.
by Konstantinos Alexiou
CVSS 8.8
Techno Portfolio Management Panel 1.0 - SQL Injection
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.
by Ihsan Sencan
CVSS 9.8
Posty Readymade Classifieds Script 1.0 - SQL Injection
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.
by Ihsan Sencan
CVSS 9.8
Abyss Web Server < 2.11.6 - Heap Memory Corruption
by hyp3rlinx
Artica Web Proxy <3.06.112911 - XSS
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
by hyp3rlinx
CVSS 9.0
MistServer <2.13 - XSS
Cross-site scripting (XSS) vulnerability in MistServer before 2.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.
by hyp3rlinx
CVSS 6.1
By Source