Exploitdb Exploits
31,394 exploits tracked across all sources.
Batavi 1.2.2 - Cross-Site Scripting via QUERY_STRING to admin/index.php
Cross-site scripting (XSS) vulnerability in admin/templates/default.php in Batavi 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to admin/index.php.
by Dognaedis
Foscam <11.37.2.49 - Path Traversal
Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.
by Frederic Basse
WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities
by ebanyu
Joomla! 2.5.x-3.0.2 - PHP Object Injection via Highlight Parameter
plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist.
by EgiX
MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
MTP Image Gallery 1.0 - 'edit_photos.php?title' Cross-Site Scripting
by LiquidWorm
MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
JForum 2.1.9 - Cross-Site Scripting via Action, Match Type, Sort By, or Start Parameters
Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in JForum 2.1.9 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) match_type, (3) sort_by, or (4) start parameters.
by ZeroDayLab
WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities
by Vulnerability-Lab
smart-flv - Cross-Site Scripting via link or playerready Parameter
Multiple cross-site scripting (XSS) vulnerabilities in jwplayer.swf in the smart-flv plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) link or (2) playerready parameter.
by Henri Salo
phpMyRecipes - Multiple HTML Injection Vulnerabilities
by PDS
AirDrive HD 1.6 iPad iPhone - Multiple Vulnerabilities
by Vulnerability-Lab
Photodex ProShow Producer - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
by Julien Ahrens
File Manager - HTML Injection / Local File Inclusion
by Benjamin Kunz Mejri
Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities
by QSecure & Demetris Papapetrou
Alt-N MDaemon 12.5.6/13.0.3 - Email Body HTML/JS Injection
by QSecure & Demetris Papapetrou
RTTucson Quotations Database Script - Authentication Bypass
by cr4wl3r
PHPMyRecipes 1.2.2 - 'viewrecipe.php?r_id' SQL Injection
by cr4wl3r
PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting
by TheMirkin
By Source