Text Exploits
31,386 exploits tracked across all sources.
Visitor Logger - Remote Code Execution via VL_include_path Parameter
PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to execute arbitrary PHP code via a URL in the VL_include_path parameter.
by bd0rk
JS Jobs (com_jsjobs) 1.0.5.6 - SQL Injection via md or oi Parameter
Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php.
by d0lc3
Joomla! Component com_g2bridge - Local File Inclusion
by akatsuchi
e107 0.7.21 full - Remote File Inclusion / Cross-Site Scripting
by indoushka
Dameng DM Database Server - Remote Code Execution via SP_DEL_BAK_EXPIRED Procedure
Dameng DM Database Server allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to the SP_DEL_BAK_EXPIRED procedure in wdm_dll.dll, which triggers memory corruption.
by Shennan Wang HuaweiSymantec SRT
Zeeways eBay Clone Auction Script - Stored Cross-Site Scripting via signinform.php msg Parameter
Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information.
by XroGuE
Symphony CMS 2.0.7 - Path Traversal via Mode Parameter
Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the mode parameter.
by AntiSecurity
PTC Site's - Remote Code Execution / Cross-Site Scripting
by CrazyMember
osCommerce Online Merchant 2.2 - File Disclosure / Authentication Bypass
by Flyff666
GR Board 1.8.6 - 'page.php' Remote File Inclusion
by eidelweiss
CMScout 2.09 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
by XroGuE
NP_Gallery plugin 0.94 - Remote Code Execution via DIR_NUCLEUS Parameter
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtained from third party information.
by AntiSecurity
Fusebox 5.5.1 - SQL Injection via CatDisplay Parameter
SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter.
by Shamus
By Source