Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-0067 EXPLOITDB text VERIFIED
Wireshark 1.4.x-1.4.10 and 1.6.x-1.6.4 - Denial of Service via Long Packet in AIX iptrace File
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.
by Laurent Butti
CVE-2012-5293 EXPLOITDB text VERIFIED
SAPID CMS 1.2.3 - Remote Code Execution via GLOBALS[root_path] or root_path Parameter
Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 Stable allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[root_path] parameter to usr/extensions/get_tree.inc.php or (2) root_path parameter to usr/extensions/get_infochannel.inc.php.
by Opa Yong
EIP-2026-110445 EXPLOITDB text
Paddelberg Topsite Script - Authentication Bypass
by Christian Inci
CVE-2012-6529 EXPLOITDB text VERIFIED
Marinet CMS - SQL Injection via id or roomid Parameter
Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter to (3) room.php or (4) room2.php.
by H4ckCity Security Team
CVE-2012-6529 EXPLOITDB text VERIFIED
Marinet CMS - SQL Injection via id or roomid Parameter
Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter to (3) room.php or (4) room2.php.
by H4ckCity Security Team
CVE-2012-6529 EXPLOITDB text VERIFIED
Marinet CMS - SQL Injection via id or roomid Parameter
Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter to (3) room.php or (4) room2.php.
by H4ckCity Security Team
EIP-2026-107498 EXPLOITDB text VERIFIED
Gregarius 0.6.1 - Multiple SQL Injections / Cross-Site Scripting
by sonyy
CVE-2012-6644 EXPLOITDB text
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6643 EXPLOITDB text VERIFIED
ClipBucket 2.6 - SQL Injection via Time Parameter
Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to (1) videos.php or (2) channels.php. NOTE: some of these details are obtained from third party information.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6643 EXPLOITDB text VERIFIED
ClipBucket 2.6 - SQL Injection via Time Parameter
Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to (1) videos.php or (2) channels.php. NOTE: some of these details are obtained from third party information.
by YaDoY666
CVE-2012-6644 EXPLOITDB text VERIFIED
ClipBucket 2.6 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.
by YaDoY666
CVE-2012-6040 EXPLOITDB text VERIFIED
File King Advanced File Management 1.4 - Cross-Site Scripting via Page Parameter
Cross-site scripting (XSS) vulnerability in users.php in File King Advanced File Management 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
by Am!r
CVE-2012-5288 EXPLOITDB text VERIFIED
phpMyDirectory 1.3.3 - SQL Injection
SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Serseri
CVE-2012-5348 EXPLOITDB text VERIFIED
MangosWeb Enhanced 3.0.3 - SQL Injection
SQL injection vulnerability in MangosWeb Enhanced 3.0.3 allows remote attackers to execute arbitrary SQL commands via the login parameter in a login action to index.php.
by Hood3dRob1n
CVE-2012-5292 EXPLOITDB text VERIFIED
Atar2b CMS 4.0.1 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php.
by BHG Security Center
CVE-2012-5292 EXPLOITDB text VERIFIED
Atar2b CMS 4.0.1 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php.
by BHG Security Center
CVE-2012-5292 EXPLOITDB text VERIFIED
Atar2b CMS 4.0.1 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php.
by BHG Security Center
EIP-2026-100245 EXPLOITDB text VERIFIED
DIGIT CMS 1.0.7 - Cross-Site Scripting / SQL Injection
by BHG Security Center
CVE-2012-5349 EXPLOITDB text
Pay With Tweet < 1.1 - Cross-Site Scripting via Link, Title, or DL Parameter
Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.
by Gianluca Brindisi
By Source
All 31,386 Writeup 62,313 Exploitdb 50,076 Nomisec 22,418 Github 3,633 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,574 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25