Exploitdb Exploits
31,344 exploits tracked across all sources.
Cmstactics Com Beeheard - Path Traversal
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Almnzm 2.1 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by NeX HaCkEr
RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections
by wsn1983
School Management System Pro 6.0.0 - Backup Dump
by indoushka
openUrgence Vaccin 1.03 - Path Traversal
Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter.
by cr4wl3r
Zikula Application Framework 1.2.2 - Cross-Site Scripting via Func or Lang Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not properly handled by ZLanguage.php.
by High-Tech Bridge SA
Zikula Application Framework 1.2.2 - Cross-Site Scripting via Func or Lang Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not properly handled by ZLanguage.php.
by High-Tech Bridge SA
Vana CMS - 'Filename' Arbitrary File Download
by Pouya Daneshmand
Police Municipale Open Main Courante 1.01beta - Local File Inclusion / Remote File Inclusion
by cr4wl3r
openUrgence Vaccin 1.03 - Remote Code Execution via path_om Parameter in PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2) injection.class.php, (3) utilisateur.class.php, (4) droit.class.php, (5) laboratoire.class.php, (6) vaccin.class.php, (7) effetsecondaire.class.php, (8) medecin.class.php, (9) individu.class.php, and (10) profil.class.php in gen/obj/.
by cr4wl3r
Qproje Com Qpersonel < 1.0.2 - SQL Injection
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
by Valentin
com_jvehicles 1.0, 2.0, and 2.1111 - SQL Injection via aid Parameter
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
by Don Tukulesto
com_jp_jobs < 1.4.1 - SQL Injection via id Parameter
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
by v3n0m
netkar-PRO 1.1 - Remote Stack Buffer Overflow
by Luigi Auriemma
Joomla! com_sermonspeaker <3.2.1 - SQL Injection
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php.
by SadHaCkEr
YaPiG 0.93u and 0.94u - Remote File Inclusion via YAPIG_PATH Parameter
PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter.
by JIKO
Vieassociative Openmairie 1.01 Beta - Local File Inclusion / Remote File Inclusion
by cr4wl3r
TANDBERG VCS <X5.1 - Path Traversal
Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2) user/helppage.php.
by Jon Hart
Joomla! com_webtv 1.0 - Path Traversal
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
Joomla! com_sweetykeeper <1.5 - Path Traversal
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
By Source