Text Exploits
31,386 exploits tracked across all sources.
IBM Lotus Notes 6.5.x - 'names.nsf' Cross-Site Scripting
by Lament
IBM Lotus Notes 6.5.6 - 'names.nsf' Open Redirection
by Lament
phpscripte24 Niedrig Gebote Pro Auktions System II - SQL Injection via auktion.php id_auk Parameter
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
by Easy Laster
tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections
by blake
SOFTSAURUS 2.01 - Multiple Remote File Inclusions
by cr4wl3r
SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting
by d3v1l
Multi Auktions Komplett System 2 - SQL Injection
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
by Easy Laster
Kempt SiteDone 2.0 - '/detail.php' Cross-Site Scripting / SQL Injection
by d3v1l
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection
by Nahuel Grisolia
Cookex Agency CKForms <1.3.3 - SQL Injection
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.
by ALTBTA
Microsoft Virtual PC <2007 Gold & SP1 - Memory Corruption
The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allows context-dependent attackers to bypass certain anti-exploitation protection mechanisms on the guest OS via crafted input to a vulnerable application. NOTE: the vendor reportedly found that only systems with an otherwise vulnerable application are affected, because "the memory areas accessible from the guest cannot be leveraged to achieve either remote code execution or elevation of privilege and ... no data from the host is exposed to the guest OS."
by Core Security
Microsoft Windows Media Player 11 - Memory Corruption
Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by ITSecTeam
Preisschlacht Multi Liveshop System - 'index.php?aid' SQL Injection
by Easy Laster
Joomla! Component com_vxdate - Multiple Vulnerabilities
by MustLive
Cookex Agency CKForms <1.3.3 - Path Traversal
Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by ALTBTA
By Source