Text Exploits
31,386 exploits tracked across all sources.
Realtyna Translator 1.0.15 - Path Traversal
Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by MISTERFRIBO
Big Forum 5.2 - Arbitrary File Upload / Local File Inclusion
by Zer0 Thunder
Insanevisions Adapcms - Code Injection
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter. NOTE: it was later reported that 2.0.1 is also affected.
by v3n0m
ActiveCollab 2.3.0 - Local File Inclusion / Directory Traversal
by Jose Carlos de Arriba
2daybiz Video Community Portal Script - SQL Injection via UserID Parameter
SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter.
by Sangteamtham
2daybiz Web Template Software - SQL Injection via customize.php tid Parameter
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter.
by Sangteamtham
2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL Injection
by Sangteamtham
2daybiz Job Site Script - SQL Injection via jid, job_iid, or left_cat Parameter
Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php.
by Sangteamtham
Novell iManager 2.7, 2.7.3, 2.7.3 FTF2 - Denial of Service via Long Tree Parameter
Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.
by Core Security Technologies
Weborf HTTP Server <= 0.12.1 - Denial of Service via Unicode Characters in Connection Header
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
by Crash
Lois Software WebDB 2.0A Script - Multiple SQL Injections
by High-Tech Bridge SA
Harmistechnology Com Jeajaxeventcalendar - SQL Injection
SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
by L0rd CrusAd3r
PreProject Multi-Vendor Shopping Malls - 'products.php?sid' SQL Injection
by CoBRa_21
PreProject Multi-Vendor Shopping Malls - 'products.php' SQL Injection
by CoBRa_21
Harmistechnology Com Jeajaxeventcalendar - SQL Injection
SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php.
by L0rd CrusAd3r
2daybiz Multi Level Marketing Software - SQL Injection via viewnews.php nwsid Parameter
SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing (MLM) Software allows remote attackers to execute arbitrary SQL commands via the nwsid parameter.
by JaMbA
2daybiz Matrimonial Script - SQL Injection via customprofile.php id Parameter
SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
by JaMbA
By Source