Text Exploits
31,383 exploits tracked across all sources.
TCExam < 11.3.008 - Authenticated SQL Injection via subject_module_id Parameter
Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subject_module_id parameter to (1) tce_edit_answer.php or (2) tce_edit_question.php.
by Chris Cooper
TCExam < 11.3.008 - Authenticated SQL Injection via subject_module_id Parameter
Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subject_module_id parameter to (1) tce_edit_answer.php or (2) tce_edit_question.php.
by Chris Cooper
Getsimple CMS 3.1.2 - 'path' Local File Inclusion
by PuN!Sh3r
dir2web 3.0 - SQL Injection via oid Parameter
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php.
by Daniel Correa
AOL Products downloadUpdater2 Plugin - 'SRC' Remote Code Execution
by rgod
Joomla! Component com_photo - Multiple SQL Injections
by Chokri Ben Achor
Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
by Benjamin Kunz Mejri
WordPress Plugin Effective Lead Management 3.0.0 - Persistent Cross-Site Scripting
by Chris Kellum
PolarisCMS - 'WebForm_OnSubmit()' Cross-Site Scripting
by Gjoko Krstic
Wiki Web Help - 'configpath' Remote File Inclusion
by L0n3ly-H34rT
Openconstructor - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to data/file/edit.php, (2) the q parameter to confirm.php, or (3) the keyword parameter to users/users.php.
by Lorenzo Cantoni
Openconstructor - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to data/file/edit.php, (2) the q parameter to confirm.php, or (3) the keyword parameter to users/users.php.
by Lorenzo Cantoni
Openconstructor - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to data/file/edit.php, (2) the q parameter to confirm.php, or (3) the keyword parameter to users/users.php.
by Lorenzo Cantoni
WordPress Theme ShopperPress - SQL Injection / Cross-Site Scripting
by Benjamin Kunz Mejri
Mahara 1.4.0-1.4.2 and 1.5.0-1.5.1 - Cross-Site Scripting via Login Form, Links, Resources, and Display Name
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile.
by anonymous
CVSS 6.1
Joomla! Component com_joomgalaxy 1.2.0.4 - Multiple Vulnerabilities
by D4NB4R
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities
by Benjamin Kunz Mejri
ManageEngine Mobile Application Manager 10 - SQL Injection
by Vulnerability-Lab
By Source