Text Exploits
31,386 exploits tracked across all sources.
BackLinkSpider 1.3.1774 - 'cat_id' SQL Injection
by sniper ip
FreeBSD 6.4-8.1-PRERELEASE - Denial of Service or Remote Code Execution via Long Username
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
by Maksymilian Arciemowicz
RapidWareX 2.0.1 - 'WebUI' Cross-Site Request Forgery
by l3D
Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection
by XroGuE
Spaceacre - '/index.php' SQL Injection / HTML / Cross-Site Scripting Injection
by CoBRa_21
Multi Vendor Mall - 'pages.php' SQL Injection
by Newbie_Campuz
Multi Vendor Mall - 'itemdetail.php?& shop.php' SQL Injection
by CoBRa_21
md5 Encryption Decryption PHP Script - 'index.php' Cross-Site Scripting
by indoushka
Website Design and Hosting By Netricks Inc - 'news.php' SQL Injection
by Dr.SiLnT HilL
nitro_web_gallery - SQL Injection via PictureId Parameter
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.
by cyberlog
Microsoft Exchange Server - Cross-Site Scripting via OWA Folder IPF.Note id Parameter
Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.
by Praveen Darshanam
Ruubikcms 1.0.3 - 'index.php' Cross-Site Scripting
by High-Tech Bridge SA
runt-communications Design - 'property_more.php' SQL Injection
by CoBRa_21
razorcms 1.0 - Cross-Site Scripting via Content Parameter in Edit Action
Cross-site scripting (XSS) vulnerability in admin/core/admin_func.php in razorCMS 1.0 stable allows remote attackers to inject arbitrary web script or HTML via the content parameter in an edit action to admin/index.php.
by High-Tech Bridge SA
PHP Graphy 0.9.7 - 'index.php' Remote Command Execution
by Sn!pEr.S!Te Hacker
LiSK CMS 4.4 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.
by High-Tech Bridge SA
By Source