Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-106059 EXPLOITDB text VERIFIED
Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities
by High-Tech Bridge SA
EIP-2026-114501 EXPLOITDB text VERIFIED
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
by Pr@fesOr X
EIP-2026-114500 EXPLOITDB text
YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities
by Pr@fesOr X
EIP-2026-111335 EXPLOITDB text
Pligg CMS 1.1.3 - Multiple Vulnerabilities
by Jelmer de Hen
EIP-2026-107953 EXPLOITDB text VERIFIED
IrIran Shoping Script - SQL Injection
by Net.Edit0r
CVE-2011-1557 EXPLOITDB text VERIFIED
ICloudCenter ICJobSite <1.1 - SQL Injection
SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by RoAd_KiLlEr
EIP-2026-107530 EXPLOITDB text VERIFIED
GuppY 4.6.14 - 'lng' Multiple SQL Injections
by kurdish hackers team
EIP-2026-105466 EXPLOITDB text
BigACE 2.7.5 - Arbitrary File Upload
by Net.Edit0r
CVE-2011-1546 EXPLOITDB text VERIFIED
Andy's PHP Knowledgebase <0.95.3 - SQL Injection
Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 allow remote attackers to execute arbitrary SQL commands via the s parameter to (1) a_viewusers.php or (2) keysearch.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (3) id or (4) start parameter to pending.php, or the (5) aid parameter to a_authordetails.php. NOTE: some of these details are obtained from third party information.
by Mark Stanislav
CVE-2011-1487 EXPLOITDB text VERIFIED
Perl <5.14 - Info Disclosure
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
by mmartinec
EIP-2026-100232 EXPLOITDB text VERIFIED
CosmoQuest - Authentication Bypass
by Net.Edit0r
EIP-2026-118462 EXPLOITDB text VERIFIED
Easy File Sharing Web Server 5.8 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-114453 EXPLOITDB text VERIFIED
XOOPS - 'view_photos.php' Cross-Site Scripting
by KedAns-Dz
CVE-2011-1671 EXPLOITDB text VERIFIED
Tracks <2.0 - XSS
Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to todos/tag/. NOTE: some of these details are obtained from third party information.
by Mesut Timur
EIP-2026-112393 EXPLOITDB text VERIFIED
Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-110392 EXPLOITDB text VERIFIED
oscss2 2.1.0 rc12 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-110391 EXPLOITDB text VERIFIED
osCSS 2.1 - Multiple Cross-Site Scripting / Local File Inclusions
by AutoSec Tools
EIP-2026-105882 EXPLOITDB text VERIFIED
Claroline 1.10 - Persistent Cross-Site Scripting
by AutoSec Tools
CVE-2011-1556 EXPLOITDB text VERIFIED
Andy's PHP Knowledgebase 0.95.4 - SQL Injection
SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.4 allows remote attackers to execute arbitrary SQL commands via the pdfa parameter.
by AutoSec Tools
CVE-2011-4342 EXPLOITDB text
PHP <1.7.2 - RCE
PHP remote file inclusion vulnerability in wp_xml_export.php in the BackWPup plugin before 1.7.2 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter.
by Sense of Security
EIP-2026-113264 EXPLOITDB text VERIFIED
webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Local File Inclusion
by eidelweiss
EIP-2026-113263 EXPLOITDB text
webEdition CMS - Local File Inclusion
by eidelweiss
EIP-2026-107613 EXPLOITDB text VERIFIED
Honey Soft Web Solution - Multiple Vulnerabilities
by **RoAd_KiLlEr**
EIP-2026-105881 EXPLOITDB text VERIFIED
Claroline 1.10 - Multiple HTML Injection Vulnerabilities
by AutoSec Tools
EIP-2026-105097 EXPLOITDB text VERIFIED
Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities
by antisnatchor