Exploitdb Exploits
31,344 exploits tracked across all sources.
PsNews 1.3 - SQL Injection
Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.
by S.W.T
PreProject Multi-Vendor Shopping Malls - SQL Injection / Authentication Bypass
by **RoAd_KiLlEr**
NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (2)
by Ivan Sanchez
RightInPoint Lyrics Script 3.0 - SQL Injection
SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.
by Sid3^effects
NeoRecruit 1.6.4 - SQL Injection
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506.
by Sid3^effects
Joomla! AutarTimonial 1.0.8 - SQL Injection
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
by Sid3^effects
IBM BladeCenter - Info Disclosure
The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) logs or (2) core files via direct requests, as demonstrated by a request for private/sdc.tgz.
by Alexey Sintsov
i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-Site Scripting
by Andrea Bocchetti
BS Events Directory - 'articlesdetails.php' SQL Injection
by Easy Laster
BS Classifieds Ads - 'articlesdetails.php' SQL Injection
by Easy Laster
BrotherScripts BS - SQL Injection
SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
BS Auto Classifieds - 'info.php' SQL Injection
by Easy Laster
BrotherScripts < - SQL Injection
SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
Auction_Software Script - Admin Authentication Bypass
by ALTBTA
Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow (PoC)
by Luigi Auriemma
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial of Service Vulnerabilities
by Luigi Auriemma
Wiki Web Help 0.28 - SQL Injection
SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by ADEO Security
Orbis CMS 1.0.2 - XSS
Cross-site scripting (XSS) vulnerability in admin/editors/text/editor-body.php in Orbis CMS 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
by John Leitch
odCMS 1.07 - 'archive.php' Cross-Site Scripting
by John Leitch
Newanz NewsOffice <2.0.18 - XSS
Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter.
by John Leitch
Joomla! com_canteen 1.0 - SQL Injection
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php.
by Drosophila
By Source