Text Exploits

EIP-2026-104806 EXPLOITDB text VERIFIED

1024 CMS 2.1.1 - 'p' SQL Injection

by kallimero

View

CVE-2012-10045 EXPLOITDB CRITICAL text VERIFIED

XODA 0.4.5 - RCE

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST request, an attacker can upload a .php file directly into the web-accessible files/ directory and trigger its execution via a subsequent GET request.

by Shai rod

View

EIP-2026-108926 EXPLOITDB text VERIFIED

JPM Article Blog Script 6 - 'tid' Cross-Site Scripting

by Mr.0c3aN

View

EIP-2026-105935 EXPLOITDB text VERIFIED

Clipbucket 2.5 - Directory Traversal

by loneferret

View

EIP-2026-105933 EXPLOITDB text VERIFIED

Clipbucket 2.5 - Blind SQL Injection

by loneferret

View

CVE-2012-4680 EXPLOITDB text

IOServer <1.0.19.0 - Path Traversal

Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in a URI.

by hinge

View

EIP-2026-114545 EXPLOITDB text

YourArcadeScript 2.4 - 'index.php?id' SQL Injection

by DaOne

View

EIP-2026-112542 EXPLOITDB text VERIFIED

T-dah Webmail - Cross-Site Request Forgery / Persistent Cross-Site Scripting

by Yakir Wizman

View

EIP-2026-101520 EXPLOITDB text

Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure

by Alberto Ortega

View

EIP-2026-119398 EXPLOITDB text VERIFIED

ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting

by loneferret

View

EIP-2026-111879 EXPLOITDB text VERIFIED

SaltOS - 'download.php' Cross-Site Scripting

by Stefan Schurtz

View

EIP-2026-119397 EXPLOITDB text

ManageEngine OpStor 7.4 - Multiple Vulnerabilities

by Vulnerability-Lab

View

EIP-2026-113297 EXPLOITDB text VERIFIED

webid 1.0.4 - Multiple Vulnerabilities

by dun

View

EIP-2026-112289 EXPLOITDB text

Social Engine 4.2.5 - Multiple Vulnerabilities

by Vulnerability-Lab

View

EIP-2026-108040 EXPLOITDB text VERIFIED

Jaow CMS 2.3 - Blind SQL Injection

by loneferret

View

EIP-2026-107830 EXPLOITDB text VERIFIED

Inferno vBShout 2.5.2 - SQL Injection

by Luit

View

EIP-2026-100845 EXPLOITDB text VERIFIED

LISTSERV 16 - 'SHOWTPL' Cross-Site Scripting

by Jose Carlos de Arriba

View

CVE-2011-1255 EXPLOITDB text VERIFIED

Microsoft Internet Explorer - Use of Uninitialized Resource

The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability."

by Ciph3r

View

EIP-2026-111553 EXPLOITDB text VERIFIED

ProQuiz 2.0.2 - Cross-Site Request Forgery

by DaOne

View

EIP-2026-119355 EXPLOITDB text VERIFIED

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities

by loneferret

View

EIP-2026-114486 EXPLOITDB text VERIFIED

xt:Commerce 3.04 SP2.1 - Blind SQL Injection

by stoffline.com

View

EIP-2026-112383 EXPLOITDB text VERIFIED

sphpforum 0.4 - Multiple Vulnerabilities

by loneferret

View

EIP-2026-109530 EXPLOITDB text VERIFIED

MobileCartly 1.0 - Arbitrary File Upload

by ICheer_No0M

View

EIP-2026-109360 EXPLOITDB text VERIFIED

MaxForum 1.0.0 - Local File Inclusion

by ahwak2000

View

CVE-2012-2206 EXPLOITDB text

IBM Websphere MQ - Access Control

The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI.

by Nir Valtman

View