Exploitdb Exploits
31,344 exploits tracked across all sources.
WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure
by John Leitch
WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting
by John Leitch
Joomlashowroom Pro Desk Support Center - Path Traversal
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
by d3v1l
Cookex Agency CKForms <1.3.3 - Path Traversal
Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by ALTBTA
Joomla! Component com_clan - SQL Injection
by AtT4CKxT3rR0r1ST
Bsdperimeter Pfsense - XSS
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.
by dave b
Pilotcart Pilot Cart - XSS
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME parameter to (2) gateway.asp and (3) cart.asp, and the specific parameter to (4) quote.asp and (5) buyitnow.
by Ariko-Security
FileCOPA FTP Server 6.01 - Directory Traversal
by Pawel Wylecial
Pilotcart Pilot Cart - SQL Injection
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
by Ariko-Security
Acritum Femitter Server 1.04 - Path Traversal
A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250446 is the identifier assigned to this vulnerability.
by chr1x
CVSS 4.3
G Data TotalCare 2011 - 'NtOpenKey' Race Condition
by Nikita Tarakanov
Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities
by jdc
Joomla! Component com_dcnews - Local File Inclusion
by Th3 RDX
Joomla! Component com_connect - Local File Inclusion
by Th3 RDX
WinTFTP Server Pro 3.1 - Directory Traversal
by Yakir Wizman