Text Exploits
31,386 exploits tracked across all sources.
FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
Family Connections Who is Chatting <2.2.3 - RCE
PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter.
by lumut--
freeciv < 2.3.3 - Denial of Service via Crafted Packet
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
by Luigi Auriemma
CVSS 7.5
Ziggurat Farsi CMS - SQL Injection via main.asp grp Parameter
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
by Arash Saadatfar
Microsoft IIS 5.1 on Windows XP SP3 - Directory Authentication Bypass via Crafted Request
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
by Soroush Dalili
iScripts CyberMatch 1.0 - SQL Injection
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Salvatore Fresta
Iphone Pointter Social Network - Local File Inclusion
by Sid3^effects
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
by Marcos Garcia & Maximiliano Soler
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)
by Marcos Garcia & Maximiliano Soler
Windows Vista SP1/SP2 and Server 2008 Gold/SP2 - Use-After-Free in LockProcessByClientId
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability."
by MSRC
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
by John Leitch
Joomla! Component com_dateconverter 0.1 - SQL Injection
by RoAd_KiLlEr
iScripts ReserveLogic 1.0 - SQL Injection
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
by Salvatore Fresta
iScripts EasySnaps 2.0 - SQL Injection via Comment Parameter
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.
by Salvatore Fresta
Interscan Web Security 5.0 - Persistent Cross-Site Scripting
by Ivan Huertas
Flatnux 2010-06.09 - 'find' Cross-Site Scripting
by ITSecTeam
DPScms - 'q' SQL Injection / Cross-Site Scripting
by Ariko-Security
By Source