Exploitdb Exploits
31,394 exploits tracked across all sources.
MediaWiki <1.17.5, <1.18.4, <1.19.1 - XSS
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
by anonymous
Funeral Script PHP - Cross-Site Scripting / SQL Injection
by snup
vBSeo < 3.8.7 - Cross-Site Scripting via member.php u Parameter
vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter.
by MegaMan
CVSS 6.1
XnView - '.RAS' Image Processing Heap Overflow
by Francis Provencher
XnView - '.FlashPix' Image Processing Heap Overflow
by Francis Provencher
XnView - '.ECW' Image Processing Heap Overflow
by Francis Provencher
Webify (Multiple Products) - Multiple HTML Injection / Local File Inclusions
by snup
Simple Document Management System 1.1.5 - Multiple SQL Injections
by JosS
News Script PHP 1.2 - Multiple Vulnerabilities
by Vulnerability-Lab
iScripts EasyCreate 2.0 - Multiple Vulnerabilities
by Vulnerability-Lab
WordPress Plugin ORGanizer - Multiple Vulnerabilities
by MustLive
Joomla! Component JCal Pro Calendar - SQL Injection
by Taurus Omar
ADICO - 'index.php' Script SQL Injection
by Ibrahim El-Sayed
ESRI ArcMap < 10.0.2.3200 - Arbitrary VBA Code Execution via Crafted Map File
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
by Boston Cyber Defense
Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities
by Vulnerability-Lab
Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities
by Vulnerability-Lab
Simple Forum PHP - Multiple SQL Injections
by Vulnerability Research Laboratory
NetArt Media Jobs Portal - SQL Injection
by Ibrahim El-Sayed
MYRE Real Estate Software 2012 Q2 - SQL Injection via link_idd or userid Parameter
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
by Vulnerability-Lab
Cells Blog CMS 1.1 - Multiple Web Vulnerabilities
by Vulnerability-Lab
By Source