Text Exploits
31,386 exploits tracked across all sources.
Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection
by TurboBorland
ecomat_cms 5.0 - SQL Injection via Index.php Show Parameter
SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action.
by High-Tech Bridge SA
CubeCart 4.3.4-4.3.9 - SQL Injection via shipKey Parameter
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 through 4.3.9 allows remote attackers to execute arbitrary SQL commands via the shipKey parameter to index.php.
by Core Security
Miyabi CGI Tools SEO Links 1.02 - Remote Command Execution via fn Parameter
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party information.
by Marshall Whittaker
Iatek PortalApp 3.3/4.0 - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Customer Paradigm PageDirector CMS - SQL Injection
SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Tr0y-x
V-EVA Classified Script 5.1 - 'classified_img.php' SQL Injection
by Sid3^effects
Customer Paradigm PageDirector CMS - Auth Bypass
siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not properly restrict access, which allows remote attackers to bypass intended restrictions and add administrative users via a direct request.
by Tr0y-x
MySpace Clone 2010 - SQL Injection / Cross-Site Scripting
by L0rd CrusAd3r
eBay Clone Script 2010 - 'showcategory.php' SQL Injection
by L0rd CrusAd3r
Customer Paradigm PageDirector - 'id' SQL Injection
by Tr0y-x
Clix'N'Cash Clone 2010 - 'index.php' SQL Injection
by L0rd CrusAd3r
Applicure dotDefender 4.01-3 - Persistent Cross-Site Scripting
by EnableSecurity
D-Link DAP-1160 Wireless Access Point - DCC Protocol Security Bypass
by Cristofaro Mune
OlyKit Swoopo Clone 2010 - SQL Injection
SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action.
by L0rd CrusAd3r
i-netsolution Job Search Engine - SQL Injection via show_search_result.php keyword parameter
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
by Sid3^effects
By Source