Text Exploits
31,386 exploits tracked across all sources.
JCE-Tech Overstock 1 - SQL Injection via Store Parameter
SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter.
by L0rd CrusAd3r
OroHYIP - SQL Injection via withdraw_money.php id Parameter
SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action.
by L0rd CrusAd3r
Joomla! Component com_eportfolio - Arbitrary File Upload
by Sid3^effects
NetArt Media iBoutique 4.0 - SQL Injection
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by L0rd CrusAd3r
UK One Media CMS - 'id' Error-Based SQL Injection
by LiquidWorm
RSComments (com_rscomments) 1.0.0 Rev 2 - Cross-Site Scripting via Website and Name Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
by jdc
Elite Gaming Ladders 3.5 - SQL Injection
SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.
by ahwak2000
Shopping Cart Script with Affiliate Program - SQL Injection
by L0rd CrusAd3r
KubeLance 1.7.6 - 'profile.php' SQL Injection
by L0rd CrusAd3r
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
by jdc
Joomla! Component com_listbingo 1.3 - Multiple Vulnerabilities
by jdc
Joomla! Component com_joomdocs - Cross-Site Scripting
by Sid3^effects
YourFreeWorld Banner Management - SQL Injection
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
by L0rd CrusAd3r
Oracle Fusion Middleware < 2.5.7 - Code Injection
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
by Meder Kydyraliev
By Source