Text Exploits
31,386 exploits tracked across all sources.
CF Image Hosting Script 1.3 - 'settings.cdb' Information Disclosure
by Dr.$audi
Pecio CMS 2.0.5 - Remote Code Execution via Template Parameter File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) post.php, (2) article.php, (3) blog.php, or (4) home.php in pec_templates/nova-blue/.
by eidelweiss
iGaming CMS < 1.5 - SQL Injection via browse Parameter
Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
by Sweet
Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
TCMS - Multiple Input Validation Vulnerabilities
by High-Tech Bridge SA
Kontakt Formular 1.1 - Remote Code Execution via script_pfad Parameter
PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.
by bd0rk
Gaestebuch 1.2 - Remote Code Execution via script_pfad Parameter
PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.
by bd0rk
CompuCMS - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Atomic Photo Album 1.0.2 - Multiple Vulnerabilities
by sh00t0ut
EncFS < 1.7.0 - Information Disclosure via SSL_Cipher.cpp Header Construction
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
by Micha Riser
uTorrent <= 2.0.3 - DLL Hijacking via Trojan Horse DLL in Torrent File Directory
Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.
by Dr_IDE
VLC Media Player < 1.1.3 - Untrusted Search Path and DLL Hijacking via wintab32.dll
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.
by Secfence
Microsoft BitLocker Drive Encryption API - Privilege Escalation
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."
by Beenu Arora
Microsoft Windows XP/SP3-Server 2003 SP2 - Privilege Escalation
Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that contains an ISP or INS file, aka "Internet Connection Signup Wizard Insecure Library Loading Vulnerability."
by Beenu Arora
Flash Movie Player 1.5 - File Magic Denial of Service
by Matthew Bergin