Text Exploits
31,386 exploits tracked across all sources.
Google Chrome < 4.1.249.1063 - Same Origin Policy Bypass via URL Parsing Library
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
by Jordi Chancel
SoftDirec 1.05 - 'delete_confirm.php' Cross-Site Scripting
by indoushka
V-EVA Shopzilla Affiliate Script PHP - Cross-Site Scripting via search.php s Parameter
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
by Andrea Bocchetti
Percha com_perchacategoriestree 0.6 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Percha Image Attach 1.1 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Percha Gallery 1.6 Beta - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Percha Fields Attach 1.x - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Percha Downloads Attach 1.1 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Joomla! Component com_horses - 'id' SQL Injection
by Kernel Security Group
Debliteck DBCart - SQL Injection via article.php id Parameter
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
Caucho Resin - Cross-Site Scripting via digest_realm or digest_username Parameters
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username parameters. NOTE: some of these details are obtained from third party information.
by xuanmumu
C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting
by indoushka
Palo Alto Networks Firewall < 3.0.8 - Cross-Site Scripting via Role Parameter
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter.
by Jeromie Jackson
McAfee Email Gateway - Web Administration Broken Access Control
by Nahuel Grisolia
Attachmate Reflection Standard Suite 2008 - ActiveX Buffer Overflow (PoC)
by Rad L. Sneak
phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting / Full Path
by cp77fk4r
NPDS REvolution 10.02 - 'download.php' Cross-Site Scripting
by High-Tech Bridge SA
Lokomedia CMS 1.4.1 and 2.0 - Path Traversal via downlot.php file Parameter
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by vir0e5
Joomla! Component com_packages - SQL Injection
by Kernel Security Group
By Source