Text Exploits
31,386 exploits tracked across all sources.
Joomla! Component com_zoomportfolio - SQL Injection
by Chip d3 bi0s
Auto CMS 1.6 - Cross-Site Scripting via Sitetitle Parameter
Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter.
by High-Tech Bridge SA
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections
by Salvatore Fresta
Joomla! Component com_extcalendar - Blind SQL Injection
by Lagripe-Dz
Oracle MySQL 5.1 < 5.1.49 and 5.5 < 5.5.5 - Authenticated Denial of Service via LOAD DATA INFILE
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
by Elena Stepanova
Oracle MySQL 5.1 - Authenticated Denial of Service via BINLOG Command
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
by Shane Bester
Oracle MySQL 5.1 < 5.1.49 and 5.5 < 5.5.5 - Authenticated Denial of Service via HANDLER Interface
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
by Matthias Leich
MySQL < 5.1.49 and < 5.0.92 - Authenticated Denial of Service via EXPLAIN with Crafted SELECT UNION ORDER BY
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
by Bjorn Munch
SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow
by Nikolas Sotiriu
Syntax Highlighter 3.0.83 - 'index.html' HTML Injection
by indoushka
Cacti < 0.8.7g - Cross-Site Scripting via Filter Parameter
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
by Marc Schoenefeld
Oracle MySQL 5.1 - Authenticated Denial of Service via Temporary Table Creation with Nullable Columns
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
by Boris Reisig
Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
by Adam Baldwin
Enemy Territory: Quake Wars 1.5.12642.33243 - Remote Buffer Overflow
by Luigi Auriemma
By Source