Text Exploits
31,386 exploits tracked across all sources.
Cornerstone Technologies webConductor - SQL Injection
SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Th3 RDX
Firefox 3.5.x-3.5.9 and 3.6.x-3.6.3 - Remote Code Execution via XSLT Node Sorting Integer Overflow
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
by Martin Barbella
Site2Nite Boat Classifieds - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by Sangteamtham
TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities
by Luigi Auriemma
Sysax Multi Server < 5.25 (SFTP Module) - Multiple Denial of Service Vulnerabilities
by leinakesi
Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting
by High-Tech Bridge SA
SaffaTunes CMS - 'news.php' Multiple SQL Injections
by Th3 RDX
linker_img < 1.0 - Path Traversal via cook_lan Cookie Parameter
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
by Sn!pEr.S!Te Hacker
Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting Vulnerabilities
by jdc
Joomla! Component com_jomestate - Remote File Inclusion
by Sid3^effects
Joomla! Component com_community - Persistent Cross-Site Scripting
by Sid3^effects
Jamroom < 4.1.9 - Cross-Site Scripting via Forum Post ID Parameter
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.
by High-Tech Bridge SA
laubrotel g.cms_generator - SQL Injection via Lang Parameter
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
by Sid3^effects
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
by Pouya Daneshmand
IBM WebSphere ILOG JRules 6.7 - Cross-Site Scripting via RTS URL to explore.jsp, compose.jsp, or home.jsp
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.
by IBM
SimpleAssets - Authentication Bypass / Cross-Site Scripting
by L0rd CrusAd3r
JCE-Tech Shareasale Script 1 - SQL Injection via merchant_id Parameter
SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter.
by L0rd CrusAd3r
By Source