Exploitdb Exploits

CVE-2011-0519 EXPLOITDB text VERIFIED

Gallarific Php Photo Gallery Script - SQL Injection

SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter.

by AtT4CKxT3rR0r1ST

View

EIP-2026-112582 EXPLOITDB text

Tech Shop Technote 7 - SQL Injection

by MaJ3stY

View

EIP-2026-111872 EXPLOITDB text VERIFIED

Sahana Agasti 0.6.4 - SQL Injection

by dun

View

CVE-2012-5099 EXPLOITDB text VERIFIED

PHPB2B <4.1 - XSS

Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.

by H4ckCity Security Team

View

EIP-2026-109022 EXPLOITDB text VERIFIED

KLINK - SQL Injection

by Mauro Rossi & Andres Gomez

View

EIP-2026-105848 EXPLOITDB text VERIFIED

ChurchInfo 1.2.12 - SQL Injection

by dun

View

CVE-2010-0219 EXPLOITDB text VERIFIED

Apache Axis2 - Credentials Management

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.

by rgod

View

EIP-2026-107776 EXPLOITDB text VERIFIED

Ignition 1.3 - 'page.php' Local File Inclusion

by cOndemned

View

CVE-2010-10012 EXPLOITDB HIGH text VERIFIED

httpdasm 0.92 - Path Traversal

A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specially crafted GET request containing a sequence of URL-encoded backslashes and directory traversal patterns, an attacker can escape the web root and access sensitive files outside of the intended directory.

by John Leitch

View

EIP-2026-119070 EXPLOITDB text VERIFIED

QuickPHP Web Server 1.9.1 - Directory Traversal

by John Leitch

View

EIP-2026-113501 EXPLOITDB text VERIFIED

WordPress Core 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)

by Saif

View

EIP-2026-112185 EXPLOITDB text VERIFIED

Siteframe CMS 3.2.3 - 'user.php' SQL Injection

by AnGrY BoY

View

EIP-2026-110793 EXPLOITDB text VERIFIED

PHP-AddressBook 6.2.4 - 'group.php' SQL Injection

by hiphop

View

EIP-2026-109910 EXPLOITDB text

News Script PHP Pro - 'FCKeditor' Arbitrary File Upload

by Net.Edit0r

View

EIP-2026-109219 EXPLOITDB text VERIFIED

LoveCMS 1.6.2 - Cross-Site Request Forgery / Code Injection

by hiphop

View

EIP-2026-109130 EXPLOITDB text VERIFIED

LightNEasy 3.2.2 - Multiple Vulnerabilities

by High-Tech Bridge SA

View

EIP-2026-108958 EXPLOITDB text

kaibb 1.0.1 - Multiple Vulnerabilities

by High-Tech Bridge SA

View

EIP-2026-106617 EXPLOITDB text VERIFIED

DzTube - SQL Injection

by errnick qwe

View

EIP-2026-106465 EXPLOITDB text VERIFIED

Discovery TorrentTrader 2.6 - Multiple Vulnerabilities

by EsS4ndre

View

EIP-2026-106435 EXPLOITDB text

DGNews 2.1 - SQL Injection

by kalashnikov

View

EIP-2026-105229 EXPLOITDB text

ardeaCore 2.25 - PHP Framework Remote File Inclusion

by n0n0x

View

EIP-2026-101249 EXPLOITDB text VERIFIED

DD-WRT 24-preSP2 - Information Disclosure

by Craig Heffner

View

EIP-2026-107657 EXPLOITDB text VERIFIED

HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection

by non customers

View

CVE-2010-4693 EXPLOITDB text VERIFIED

Coppermine Photo Gallery <1.5.10 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.

by waraxe

View

EIP-2026-113236 EXPLOITDB text VERIFIED

Web@all 1.1 - Remote Admin Settings Change

by Giuseppe D'Inverno

View