Text Exploits
31,386 exploits tracked across all sources.
EC21 Clone 3.0 - SQL Injection via offers_buy.php id Parameter
SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
B2B Gold Script - SQL Injection via id Parameter
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
ASP SiteWare autoDealer < 2.0 - SQL Injection via detail.asp iPro Parameter
SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the iPro parameter.
by Sid3^effects
Alibaba Clone Platinum - SQL Injection via offers_buy.php id Parameter
SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter.
by v3n0m
ASPCode CMS <2.0.0 Build 103 - CSRF
Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that (1) delete users via the delete action in the ma2 parameter or (2) create administrators via the update action in the ma2 parameter.
by Dr. Alberto Fontanella
Scratcher - Cross-Site Scripting via Show Parameter
Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inject arbitrary web script or HTML via the show parameter.
by cr4wl3r
Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (2)
by ITSecTeam
Microsoft SharePoint Server 2007 <12.0.0.6421 - XSS
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier versions, and SharePoint Services 3.0 SP1 and SP2, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.
by High-Tech Bridge SA
Your Articles Directory - Login Option SQL Injection
by Sid3^effects
XT-Commerce 1.0 Beta 1 - Pass / Create and Download Backup
by indoushka
Ucenter Projekt 2.0 - Insecure crossdomain (Cross-Site Scripting)
by indoushka
Tirzen Framework <1.5 - SQL Injection
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
by Justin C. Klein Keane
Socialware 2.2 - Upload / Cross-Site Scripting
by Sid3^effects
Scratcher - SQL Injection via projects.php id Parameter
SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter.
by cr4wl3r
iScripts VisualCaster - SQL Injection
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter.
by Sid3^effects
DZCP (deV!L_z Clanportal) 1.5.3 - Multiple Vulnerabilities
by indoushka
chCounter 3.1.3 - SQL Injection via login_name Parameter
SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Valentin
velBox 1.2 - Insecure Cookie Authentication Bypass
by indoushka
Tele Data's Contact Management Server 0.9 - 'Username' SQL Injection
by John Leitch
Softbiz Web Host Directory Script < 1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module.
by 41.w4r10r