Text Exploits
31,394 exploits tracked across all sources.
WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload
by Sammy FORGIT
osTicket - 'tickets.php?status' Cross-Site Scripting
by AkaStep
e107 1.0.2 - Cross-Site Request Forgery via download.php Parameters
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3) download_author_email, (4) download_author_website, (5) download_image, (6) download_thumb, (7) download_visible, or (8) download_class parameter.
by Joshua Reynolds
e107 1.0.1 - Cross-Site Request Forgery via News Title Parameter
Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost.php in e107 1.0.1 allows remote attackers to hijack the authentication of administrators for requests that conduct XSS attacks via the news_title parameter in a create action.
by Joshua Reynolds
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID' SQL Injection
by Sammy FORGIT
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID' SQL Injection
by Sammy FORGIT
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID' SQL Injection
by Sammy FORGIT
WHMCS 5.0 - Insecure Cookie Authentication Bypass
by Agd_Scorp
MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection
by Joshua Rogers
Joomla! Component Spider Calendar - 'date' Blind SQL Injection
by Red-D3v1L
GNU Grep < 2.11 - Remote Code Execution via Integer Overflow
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.
by Joshua Rogers
WordPress Plugin Zingiri Forums - 'language' Local File Inclusion
by Amirh03in
cPanel WebHost Manager 11.34.0 - Cross-Site Scripting
Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Christy Philip Mathew
CVSS 6.1
cPanel - 'detailbw.html' Multiple Cross-Site Scripting Vulnerabilities
by Christy Philip Mathew
Astaro Security Gateway 8.1 - HTML Injection
by Vulnerability Research Laboratory
MyBB AwayList Plugin - 'index.php?id' SQL Injection
by Red_Hat
Hero Framework - users/login 'Username' Cross-Site Scripting
by Stefan Schurtz
Hero Framework - 'search?q' Cross-Site Scripting
by Stefan Schurtz
City Directory Review and Rating Script - 'search.php' SQL Injection
by 3spi0n
By Source