Text Exploits
31,386 exploits tracked across all sources.
LibTIFF 4.0.9 - Heap-Based Buffer Overflow in pal2rgb
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
by Jungun Baek
CVSS 8.8
FS Trademe Clone 1.0 - SQL Injection via Search Parameter
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
FS Linkedin Clone 1.0 - SQL Injection via group.php grid parameter
FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
FS Indiamart Clone 1.0 - SQL Injection via catcompany.php token Parameter
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.
by Ihsan Sencan
CVSS 9.8
FS IMDB Clone 1.0 - SQL Injection via movie.php f Parameter
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
by Ihsan Sencan
CVSS 9.8
FS Groupon Clone 1.0 - SQL Injection via id Parameter
FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
FS Gigs Script 1.0 - SQL Injection via browse-category.php cat Parameter
FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.
by Ihsan Sencan
CVSS 9.8
FS Freelancer Clone 1.0 - SQL Injection via Profile Page u Parameter
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
by Ihsan Sencan
CVSS 9.8
FS Expedia Clone 1.0 - SQL Injection via pages.php/content.php id or show-flight-result.php fl_orig/fl_dest Parameter
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
by Ihsan Sencan
CVSS 9.8
FS Ebay Clone 1.0 - SQL Injection via product.php id or search.php Parameters
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.
by Ihsan Sencan
CVSS 9.8
FS Crowdfunding Script 1.0 - SQL Injection via latest_news_details.php id Parameter
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
FS Care Clone 1.0 - SQL Injection via searchJob.php jobType or jobFrequency Parameter
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
by Ihsan Sencan
CVSS 9.8
FS Amazon Clone 1.0 - SQL Injection via PATH_INFO to /VerAyari
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
by Ihsan Sencan
CVSS 9.8
Beauty Parlour Booking Script 1.0 - SQL Injection via Gender or City Parameter
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
by Ihsan Sencan
CVSS 9.8
Basic B2B Script 2.0.8 - SQL Injection via product_details.php id Parameter
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
Affiliate MLM Script 1.0 - SQL Injection via product-category.php key Parameter
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
by Ihsan Sencan
CVSS 9.8
Advance Online Learning Management Script 3.1 - SQL Injection via courselist.php subcatid or popcourseid Parameter
Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.
by Ihsan Sencan
CVSS 9.8
Advance B2B Script 2.1.3 - SQL Injection via tradeshow-list-detail.php show_id or view-product.php pid Parameter
Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.
by Ihsan Sencan
CVSS 9.8
Website Auction Marketplace 2.0.5 - SQL Injection via search.php cat_id Parameter
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
by Ihsan Sencan
CVSS 9.8
Simple Chatting System 1.0 - Arbitrary File Upload via my_profile.php
Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.
by Ihsan Sencan
CVSS 7.5
Realestate Crowdfunding Script 2.7.2 - SQL Injection via single-cause.php pid Parameter
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
by Ihsan Sencan
CVSS 9.8
Nearbuy Clone Script 3.2 - SQL Injection via Category List Search Parameter
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
by Ihsan Sencan
CVSS 9.8
FS Thumbtack Clone 1.0 - SQL Injection via Category Parameter
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
by Ihsan Sencan
CVSS 9.8
FS Stackoverflow Clone 1.0 - SQL Injection via Question Keywords Parameter
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.
by Ihsan Sencan
CVSS 9.8
FS Shutterstock Clone 1.0 - SQL Injection via Category Keywords Parameter
FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter.
by Ihsan Sencan
CVSS 9.8