Exploitdb Exploits
31,344 exploits tracked across all sources.
CF Image Hosting Script 1.1 - 'upload.php' Arbitrary File Upload
by The.Morpheus
Comersus 8 Shopping Cart - SQL Injection / Cross-Site Request Forgery
by Sid3^effects
Webthaiapp - 'detail.php?cat' Blind SQL Injection
by Xelenonz
Joomla Com Newsfeeds - SQL Injection
SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the feedid parameter in a categories action to index.php.
by Archimonde
Aspsiteware Jobpost - SQL Injection
SQL injection vulnerability in type.asp in JobPost 1.0 allows remote attackers to execute arbitrary SQL commands via the iType parameter. NOTE: some of these details are obtained from third party information.
by Sid3^effects
Alibabaclone Ec21 Clone - SQL Injection
SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
Alibabaclone B2b Gold Script - SQL Injection
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
ASP Siteware Autodealer < 2.0 - SQL Injection
SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the iPro parameter.
by Sid3^effects
Alibabaclone Alibaba Clone Platinum - SQL Injection
SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
ASPCode CMS <2.0.0 Build 103 - CSRF
Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that (1) delete users via the delete action in the ma2 parameter or (2) create administrators via the update action in the ma2 parameter.
by Dr. Alberto Fontanella
Satyadeep Scratcher - XSS
Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inject arbitrary web script or HTML via the show parameter.
by cr4wl3r
Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (2)
by ITSecTeam
Microsoft SharePoint Server 2007 <12.0.0.6421 - XSS
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.
by High-Tech Bridge SA
Your Articles Directory - Login Option SQL Injection
by Sid3^effects
XT-Commerce 1.0 Beta 1 - Pass / Create and Download Backup
by indoushka
Ucenter Projekt 2.0 - Insecure crossdomain (Cross-Site Scripting)
by indoushka
Tirzen Framework <1.5 - SQL Injection
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
by Justin C. Klein Keane
Socialware 2.2 - Upload / Cross-Site Scripting
by Sid3^effects
By Source