Text Exploits
31,386 exploits tracked across all sources.
Zomplog 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
by High-Tech Bridge SA
Zomplog 3.9 - Cross-Site Request Forgery
by High-Tech Bridge SA
W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting
by MustLive
phpLiterAdmin 1.0 RC1 - Authentication Bypass
by High-Tech Bridge SA
Novaboard 1.1.4 - Local File Inclusion
by High-Tech Bridge SA
NinkoBB 1.3 RC5 - Cross-Site Scripting via User Profile Parameters
Multiple cross-site scripting (XSS) vulnerabilities in users.php in NinkoBB 1.3 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) msn, or (4) aim parameter.
by High-Tech Bridge SA
Energine < 2.3.8 - SQL Injection via NRGNSID Cookie
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie.
by High-Tech Bridge SA
DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion
by High-Tech Bridge SA
DBHcms 1.1.4 - 'dbhcms_user/SearchString' SQL Injection
by High-Tech Bridge SA
BloofoxCMS 0.3.5 - SQL Injection via Gender Parameter
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.
by High-Tech Bridge SA
BloofoxCMS 0.3.5 - Information Disclosure
by High-Tech Bridge SA
BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
AlstraSoft Web Email Script Enterprise - SQL Injection
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.
by Salvatore Fresta
DescargarVista ACC IMoveis 1.1 - SQL Injection via id Parameter
SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by EraGoN
NitroSecurity NitroView ESM 8.4.0a - Remote Command Execution via Request Parameter
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
by Filip Palian
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities
by David Hoyt
Pulse Pro 1.4.3 - Persistent Cross-Site Scripting
by Th3 RDX
DBHcms 1.1.4 - SQL Injection via Editmenu Parameter
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
by ZonTa
W-Agora < 4.2.1 - Cross-Site Scripting via search.php3 bn Parameter
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
by MustLive
W-Agora < 4.2.1 - Path Traversal via Search Parameter
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
by MustLive
Simple Directory Listing 2.1 - 'SDL2.php' Cross-Site Scripting
by Amol Naik
By Source