Exploitdb Exploits
31,344 exploits tracked across all sources.
WordPress Plugin TinyBrowser - Arbitrary File Upload
by Ra3cH
ScriptsFeed Recipes Listing Portal 1.0 - SQL Injection
SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information.
by Mr.ThieF
Murat Ersoy Cyberhost - SQL Injection
SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary SQL commands via the id parameter.
by redst0rm
3Com* iMC (Intelligent Management Center) - Traversal File Retrieval
by Richard Brain
3Com* iMC (Intelligent Management Center) - Cross-Site Scripting / Information Disclosure Flaws
by Richard Brain
Sun Solaris 10 - Nested Directory Tree Local Denial of Service
by Maksymilian Arciemowicz
Sun Solaris 10 - 'in.ftpd' Long Command Handling Security
by Maksymilian Arciemowicz
Specialized Data Systems Parent Connect 2010.04.11 - Multiple SQL Injections
by epixoip
Jv2design Jv2 Folder Gallery - Code Injection
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter.
by Sn!pEr.S!Te Hacker
Bartels-schoene Conpresso - SQL Injection
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Gamoscu
Apache Axis2 < 1.6.0 - XSS
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
by Richard Brain
ComponentOne VSFlexGrid 7/8 - 'Archive()' method Remote Buffer Overflow
by Ma3sTr0-Dz
webYourPhotos 6.05 - 'index.php' Remote File Inclusion
by Sn!pEr.S!Te Hacker
Snipegallery Snipe Gallery - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/index.php, (7) admin/gallery/view.php, (8) admin/gallery/gallery.php, (9) admin/gallery/image.php, and (10) admin/gallery/crop.php.
by Sn!pEr.S!Te Hacker
Snipegallery Snipe Gallery - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/index.php, (7) admin/gallery/view.php, (8) admin/gallery/gallery.php, (9) admin/gallery/image.php, and (10) admin/gallery/crop.php.
by Sn!pEr.S!Te Hacker
By Source