Text Exploits
31,386 exploits tracked across all sources.
Apple Safari 4.0.5 - Use-After-Free via Popup Window Close Method
Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object.
by Alexey Sintsov
com_mscomment 0.8.0b - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by Xr0b0t
Joomla! Component com_camp - SQL Injection
by Kernel Security Group
CompactCMS 1.4.0 - 'tiny_mce' Arbitrary File Upload
by ITSecTeam
Alibaba Clone Platinum - 'about_us.php' SQL Injection
by CoBRa_21
Mozilla Firefox 3.6.3 / Safari 4.0.5 - Access Violation Exception and Unknown Exception
by Fredrik Nordberg Almroth
V-EVA Press Release Script - SQL Injection
SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
by R3d-D3V!L
Planet Script 1.x - 'idomains.php' Cross-Site Scripting
by Mr.ThieF
JE Quotation Form (com_jequoteform) 1.0b1 - Path Traversal via View Parameter
Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php.
by ALTBTA
Joomla! com_jejob 1.0 - SQL Injection
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
by Valentin
Harmistechnology Com Jeajaxeventcalendar - Path Traversal
Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.
by Valentin
Heaven Soft CMS 4.7 - 'photogallery_open.php' SQL Injection
by CoBRa_21
Alibaba Clone Platinum - '/buyer/index.php' SQL Injection
by GuN
PHP 5.3 - Format String Vulnerability in phar Extension
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the (1) phar_stream_flush, (2) phar_wrapper_unlink, (3) phar_parse_url, or (4) phar_wrapper_open_url functions in ext/phar/stream.c; and the (5) phar_wrapper_open_dir function in ext/phar/dirstream.c, which triggers errors in the php_stream_wrapper_log_error function.
by Stefan Esser
VMware View Manager 3.1.x - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.1.x before 3.1.3 build 252693 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Alexey Sintsov
NPDS REvolution 10.02 - 'topic' Cross-Site Scripting
by High-Tech Bridge SA
NPDS REvolution 10.02 - 'download.php' SQL Injection
by High-Tech Bridge SA
com_konsultasi 1.0.0 - SQL Injection via sid Parameter
SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in a detail action to index.php.
by c4uR
Dionesoft Com Dioneformwizard - Path Traversal
Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
by Chip d3 bi0s
Joomla! Component com_sebercart - 'getPic.php' Local File Disclosure
by AntiSecurity
Joomla! Component aardvertiser 2.0 - Local File Inclusion
by eidelweiss
By Source