Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-107603 EXPLOITDB text
Holiday Travel Portal - Arbitrary File Upload
by Sid3^effects
EIP-2026-106853 EXPLOITDB text VERIFIED
EMO Realty Manager - SQL Injection
by L0rd CrusAd3r
EIP-2026-105685 EXPLOITDB text VERIFIED
CafeEngine 2.3 - SQL Injection
by Sid3^effects
EIP-2026-118765 EXPLOITDB text VERIFIED
McAfee Unified Threat Management Firewall 4.0.6 - 'page' Cross-Site Scripting
by Adam Baldwin
EIP-2026-115176 EXPLOITDB text VERIFIED
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial of Service Vulnerabilities
by Francis Lavoie-Renaud
EIP-2026-106212 EXPLOITDB text VERIFIED
cPanel 11.25 Image Manager - 'target' Local File Inclusion
by AnTi SeCuRe
CVE-2010-5037 EXPLOITDB text
SenseSites CommonSense CMS - SQL Injection
SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
by Pokeng
EIP-2026-105573 EXPLOITDB text VERIFIED
BoastMachine 3.1 - 'key' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-104292 EXPLOITDB text
JForum 2.1.8 BookMarks - Cross-Site Request Forgery / Cross-Site Scripting
by Adam Baldwin
CVE-2010-5042 EXPLOITDB text VERIFIED
DJ-ArtGallery 0.9.1 - XSS
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information.
by d0lc3
CVE-2010-5035 EXPLOITDB text VERIFIED
iScripts eSwap 2.0 - XSS
Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information.
by Sid3^effects
CVE-2010-2316 EXPLOITDB text VERIFIED
Wmsdesign Wmscms < 2.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in WmsCms 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) sbr, (3) p, and (4) sbl parameters, different vectors than CVE-2007-3137.
by Ariko-Security
CVE-2010-2317 EXPLOITDB text VERIFIED
Wmsdesign Wmscms < 2.0 - SQL Injection
Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp.
by Ariko-Security
EIP-2026-113245 EXPLOITDB text VERIFIED
WebBiblio Subject Gateway System - Local File Inclusion
by AntiSecurity
CVE-2010-5044 EXPLOITDB text
Joomla! com_searchlog 3.1.0 - SQL Injection
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information.
by XroGuE
EIP-2026-111812 EXPLOITDB text
RTRandomImage - Remote File Inclusion
by Sn!pEr.S!Te Hacker
EIP-2026-111767 EXPLOITDB text VERIFIED
ReVou Twitter Clone 2.0 Beta - SQL Injection / Cross-Site Scripting
by Sid3^effects
EIP-2026-110685 EXPLOITDB text VERIFIED
PHP Director 0.2 - SQL Injection
by Mr.Rat
EIP-2026-110661 EXPLOITDB text VERIFIED
PHP Car Rental Complete System 1.2 - SQL Injection
by Sid3^effects
CVE-2010-5044 EXPLOITDB text
Joomla! com_searchlog 3.1.0 - SQL Injection
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information.
by d0lc3
CVE-2010-5043 EXPLOITDB text VERIFIED
DJ-ArtGallery 0.9.1 - SQL Injection
SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php.
by d0lc3
EIP-2026-108266 EXPLOITDB text
Joomla! Component com_annonces - Arbitrary File Upload
by Sid3^effects
EIP-2026-108089 EXPLOITDB text VERIFIED
JForum 2.1.8 - 'Username' Cross-Site Scripting
by Adam Baldwin
CVE-2010-5036 EXPLOITDB text VERIFIED
iScripts eSwap 2.0 - SQL Injection
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.
by Sid3^effects
CVE-2010-5034 EXPLOITDB text
iScripts EasyBiller 1.1 - SQL Injection
SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter.
by Sid3^effects