Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-1663 EXPLOITDB text VERIFIED
Google Chrome < 4.1.249.1063 - Same Origin Policy Bypass via URL Parsing Library
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
by Jordi Chancel
EIP-2026-112328 EXPLOITDB text VERIFIED
SoftDirec 1.05 - 'delete_confirm.php' Cross-Site Scripting
by indoushka
CVE-2010-2040 EXPLOITDB text VERIFIED
V-EVA Shopzilla Affiliate Script PHP - Cross-Site Scripting via search.php s Parameter
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
by Andrea Bocchetti
CVE-2010-2033 EXPLOITDB text VERIFIED
Percha com_perchacategoriestree 0.6 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-2034 EXPLOITDB text VERIFIED
Percha Image Attach 1.1 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-2035 EXPLOITDB text VERIFIED
Percha Gallery 1.6 Beta - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-2036 EXPLOITDB text VERIFIED
Percha Fields Attach 1.x - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-2037 EXPLOITDB text VERIFIED
Percha Downloads Attach 1.1 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
EIP-2026-108368 EXPLOITDB text VERIFIED
Joomla! Component com_horses - 'id' SQL Injection
by Kernel Security Group
EIP-2026-106378 EXPLOITDB text VERIFIED
DB[CMS] - 'section.php' SQL Injection
by CoBRa_21
CVE-2010-2051 EXPLOITDB text
Debliteck DBCart - SQL Injection via article.php id Parameter
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
CVE-2010-2032 EXPLOITDB text VERIFIED
Caucho Resin - Cross-Site Scripting via digest_realm or digest_username Parameters
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username parameters. NOTE: some of these details are obtained from third party information.
by xuanmumu
EIP-2026-105672 EXPLOITDB text VERIFIED
C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting
by indoushka
EIP-2026-105415 EXPLOITDB text VERIFIED
Battle Scrypt - Arbitrary File Upload
by DigitALL
CVE-2010-0475 EXPLOITDB text VERIFIED
Palo Alto Networks Firewall < 3.0.8 - Cross-Site Scripting via Role Parameter
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter.
by Jeromie Jackson
EIP-2026-100970 EXPLOITDB text VERIFIED
McAfee Email Gateway - Web Administration Broken Access Control
by Nahuel Grisolia
EIP-2026-116126 EXPLOITDB text
QtWeb Browser 3.3 - Denial of Service
by PoisonCode
EIP-2026-114943 EXPLOITDB text
Attachmate Reflection Standard Suite 2008 - ActiveX Buffer Overflow (PoC)
by Rad L. Sneak
EIP-2026-113327 EXPLOITDB text VERIFIED
Webloader 7 < 8 - 'vid' SQL Injection
by ByEge
EIP-2026-113324 EXPLOITDB text
WebJaxe - SQL Injection
by IHTeam
EIP-2026-112799 EXPLOITDB text
TS Special Edition 7.0 - Multiple Vulnerabilities
by IHTeam
EIP-2026-111136 EXPLOITDB text VERIFIED
phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting / Full Path
by cp77fk4r
EIP-2026-109971 EXPLOITDB text VERIFIED
NPDS REvolution 10.02 - 'download.php' Cross-Site Scripting
by High-Tech Bridge SA
CVE-2010-2018 EXPLOITDB text VERIFIED
Lokomedia CMS 1.4.1 and 2.0 - Path Traversal via downlot.php file Parameter
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by vir0e5
EIP-2026-108470 EXPLOITDB text VERIFIED
Joomla! Component com_packages - SQL Injection
by Kernel Security Group