Text Exploits

EIP-2026-111348 EXPLOITDB text VERIFIED

Plogger 1.0 RC1 - 'gallery_name' Cross-Site Scripting

by High-Tech Bridge SA

View

CVE-2011-2007 EXPLOITDB text VERIFIED

Microsoft Host Integration Server 2004 SP1, 2006 SP1, 2009, 2010 - Denial of Service via Crafted TCP or UDP Traffic

Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka "Endless Loop DoS in snabase.exe Vulnerability."

by Luigi Auriemma

View

EIP-2026-114338 EXPLOITDB text VERIFIED

WordPress Theme Live Wire 2.3.1 - Multiple Vulnerabilities

by MustLive

View

EIP-2026-108950 EXPLOITDB text

K-Links - Link Directory Script SQL Injection

by R3d-D3V!L

View

EIP-2026-106921 EXPLOITDB text VERIFIED

Etki Video PRO 2.0 - 'kategori.asp?cat' SQL Injection

by Kurd-Team

View

EIP-2026-106920 EXPLOITDB text VERIFIED

Etki Video PRO 2.0 - 'izle.asp?id' SQL Injection

by Kurd-Team

View

CVE-2011-0285 EXPLOITDB text VERIFIED

MIT Kerberos 5 1.7-1.9 - Remote Code Execution via Crafted Password Change Request

The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.

by Felipe Ortega

View

CVE-2011-1496 EXPLOITDB text

tmux 1.3 and 1.4 - Privilege Escalation via -S Command-Line Option

tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.

by ph0x90bic

View

EIP-2026-100247 EXPLOITDB text VERIFIED

Dimac CMS 1.3 XS - 'default.asp' SQL Injection

by KedAns-Dz

View

EIP-2026-111387 EXPLOITDB text

Point Market System 3.1x vBulletin plugin - SQL Injection

by Net.Edit0r

View

EIP-2026-109956 EXPLOITDB text VERIFIED

Nooms CMS 1.1.1 - Cross-Site Request Forgery

by loneferret

View

EIP-2026-108742 EXPLOITDB text

Joomla! Component joomlacontenteditor - Blind SQL Injection

by eidelweiss

View

EIP-2026-106781 EXPLOITDB text VERIFIED

eForum 1.1 - 'eforum.php' Arbitrary File Upload

by QSecure

View

EIP-2026-103533 EXPLOITDB text VERIFIED

Libmodplug ReadS3M - Stack Overflow

by SEC Consult

View

EIP-2026-113157 EXPLOITDB text VERIFIED

vTiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion

by John Leitch

View

EIP-2026-113118 EXPLOITDB text VERIFIED

viscacha 0.8.1 - Multiple Vulnerabilities

by High-Tech Bridge SA

View

EIP-2026-111496 EXPLOITDB text VERIFIED

PrestaShop 1.3.6 - 'cms.php' Remote File Inclusion

by KedAns-Dz

View

EIP-2026-111021 EXPLOITDB text VERIFIED

phpcollab 2.5 - Multiple Vulnerabilities

by High-Tech Bridge SA

View

EIP-2026-104803 EXPLOITDB text VERIFIED

1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities

by QSecure & Demetris Papapetrou

View

EIP-2026-101272 EXPLOITDB text VERIFIED

FiberHome HG-110 - Cross-Site Scripting / Directory Traversal

by Zerial

View

CVE-2011-10009 EXPLOITDB HIGH text VERIFIED

S40 CMS 0.4.2 - Unauthenticated Path Traversal via Index.php p Parameter

S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary files outside the web root. This can be exploited remotely without authentication by appending traversal sequences and a null byte to bypass file extension checks.

by Osirys

View

EIP-2026-113158 EXPLOITDB text VERIFIED

vTiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting

by AutoSec Tools

View

EIP-2026-106807 EXPLOITDB text VERIFIED

eGroupWare 1.8.1 - 'test.php' Cross-Site Scripting

by AutoSec Tools

View

EIP-2026-100464 EXPLOITDB text VERIFIED

Omer Portal 3.220060425 - 'arama_islem.asp' Cross-Site Scripting

by kurdish hackers team

View

CVE-2011-1714 EXPLOITDB text

qooxdoo 1.3 - Cross-Site Scripting via Callback Parameter

Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter.

by AutoSec Tools

View