Text Exploits
31,386 exploits tracked across all sources.
PHPKB Knowledge Base Software 1.5 Professional - SQL Injection via ID Parameter
Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909.
by R3d-D3V!L
Fiomental & Coolsis Backoffice - Multiple Vulnerabilities
by MasterGipy
Family Connections 2.2.3 - Multiple Vulnerabilities
by Salvatore Fresta
EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting
by High-Tech Bridge SA
Advanced Poll 2.08 - Cross-Site Scripting via mysql_host Parameter
Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
by High-Tech Bridge SA
724Networks 724CMS <4.01 - SQL Injection
SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by cyberlog
29o3 CMS 0.1 - Remote File Inclusion via LibDir Parameter
Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the LibDir parameter to (1) lib/page/pageDescriptionObject.php and to (2) layoutHeaderFuncs.php, (3) layoutManager.php, and (4) layoutParser.php in lib/layout/.
by eidelweiss
Torque Game Engine - Multiple Denial of Service Vulnerabilities
by Luigi Auriemma
eFront < 3.6.2 - SQL Injection via chatrooms_ID Parameter
SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter.
by Stefan Esser
Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System - SQL Injection via id Parameter
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.
by Easy Laster
phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection
by Easy Laster
Joomla! Component Article Factory Manager - Arbitrary File Upload
by Sid3^effects
B2B Classic Trading Script - 'offers.php' SQL Injection
by v3n0m
GNUstep Base <1.20.0 - Info Disclosure
Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message.
by Dan Rosenberg