Exploitdb Exploits
31,344 exploits tracked across all sources.
phpvidz 0.9.5 - Administrative Credentials Disclosure
by Michael Brooks
Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure
by Michael Brooks
Dustincowell Free Simple Software - SQL Injection
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
by Mark Stanislav
SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting
by Aliaksandr Hartsuyeu
ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Cross-Site Scripting
by Usman Saeed
AuraCMS 1.62 - SQL Injection
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
by Don Tukulesto
Apache Tomcat < 7.0.5 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
by Adam Muntner
Apple Iphone OS < 4.1 - Access Control
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
by Apple
Hot Links SQL 3.2 - 'report.cgi' SQL Injection
by Aliaksandr Hartsuyeu
S-CMS 2.5 - SQL Injection
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by LordTittiS
Native Instruments Service Center 2.2.5 - Local Privilege Escalation
by LiquidWorm
Native Instruments Reaktor 5 Player 5.5.1 - Heap Memory Corruption
by LiquidWorm
vBulletin 4.0.8 PL1 - Cross-Site Scripting Filter Bypass within Profile Customization
by MaXe
S-CMS 2.5 - XSS
Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php.
by LordTittiS
Joomla! com_jimtawl 1.0.2 - Path Traversal
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php.
by Mask_magicianz
CommodityRentals DVD Rentals Script - SQL Injection
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
by JaMbA
By Source