Exploitdb Exploits

CVE-2010-2319 EXPLOITDB text

Idevspot Textads - SQL Injection

SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter.

by Sid3^effects

View

EIP-2026-107495 EXPLOITDB text

greeting card - Arbitrary File Upload

by Mr.Benladen

View

EIP-2026-106395 EXPLOITDB text

DDLCMS 2.1 - 'skin' Remote File Inclusion

by eidelweiss

View

CVE-2010-5025 EXPLOITDB text VERIFIED

CuteSITE CMS <1.5.0 - XSS

Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. NOTE: some of these details are obtained from third party information.

by High-Tech Bridge SA

View

CVE-2010-5024 EXPLOITDB text VERIFIED

CuteSITE CMS <1.5.0 - SQL Injection

SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information.

by High-Tech Bridge SA

View

EIP-2026-102487 EXPLOITDB text VERIFIED

JForum 2.1.8 - 'bookmarks' Module Multiple HTML Injection Vulnerabilities

by Adam Baldwin

View

EIP-2026-113788 EXPLOITDB text VERIFIED

WordPress Plugin Gigya Socialize 1.0/1.1.x - Cross-Site Scripting

by MustLive

View

EIP-2026-116124 EXPLOITDB text VERIFIED

QtWeb 3.3 - Remote Crash (Denial of Service)

by PoisonCode

View

EIP-2026-112217 EXPLOITDB text

slogan design Script - SQL Injection

by Mr.P3rfekT

View

CVE-2010-2315 EXPLOITDB text

Smartisoft Phpbazar - Code Injection

PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter.

by Sid3^effects

View

EIP-2026-110762 EXPLOITDB text

PHP SETI@home Web monitor - 'PHPsetimon' Local/Remote File Inclusion

by eidelweiss

View

EIP-2026-110389 EXPLOITDB text

osCSS 1.2.1 - Arbitrary File Upload

by indoushka

View

EIP-2026-109399 EXPLOITDB text VERIFIED

Member ID The Fish Index PHP - SQL Injection

by v4lc0m87

View

EIP-2026-108953 EXPLOITDB text VERIFIED

K9 Kreativity Design - 'pages.php' SQL Injection

by Newbie_Campuz

View

EIP-2026-108429 EXPLOITDB text

Joomla! Component com_lead - SQL Injection

by ByEge

View

EIP-2026-106620 EXPLOITDB text

E-book Store - Multiple Vulnerabilities

by indoushka

View

EIP-2026-105906 EXPLOITDB text VERIFIED

clickartweb Design - SQL Injection

by cyberlog

View

EIP-2026-105242 EXPLOITDB text

Article Management System 2.1.2 - Reinstall

by indoushka

View

EIP-2026-104999 EXPLOITDB text

Advneced Management For Services Sites - File Disclosure

by indoushka

View

CVE-2010-2307 EXPLOITDB text

Motorola Surfboard Sbv6120e - Path Traversal

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.

by S2 Crew

View

EIP-2026-100861 EXPLOITDB text VERIFIED

MoinMoin 1.x - 'PageEditor.py' Cross-Site Scripting

by anonymous

View

EIP-2026-112968 EXPLOITDB text

Vastal I-Tech - SQL Injection

by HELLBOY

View

EIP-2026-112763 EXPLOITDB text VERIFIED

TPO Duyuru Scripti - Insecure Cookie Authentication Bypass

by Septemb0x

View

CVE-2010-2313 EXPLOITDB text VERIFIED

Anodyne-productions Simm Management System - Path Traversal

Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to index.php. NOTE: some of these details are obtained from third party information.

by AntiSecurity

View

EIP-2026-110663 EXPLOITDB text VERIFIED

PHP City Portal 1.3 - 'cms_data.php' Cross-Site Scripting

by Red-D3v1L

View