Text Exploits
31,386 exploits tracked across all sources.
Eros Webkatalog - SQL Injection via start.php id Parameter
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.
by Easy Laster
CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Inclusions
by eidelweiss
ATutor 1.6.4 - Authenticated Cross-Site Scripting in Polls, Groups, and Assignments
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4) Title fields in tools/groups/create_manual.php, and the (5) Title field in assignments/add_assignment.php. NOTE: some of these details are obtained from third party information.
by ITSecTeam
AneCMS 1.0 - 'index.php' Multiple HTML Injection Vulnerabilities
by pratul agrawal
Ane CMS 1 - Persistent Cross-Site Scripting
by pratul agrawal
PHPCityPortal - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_details.php, and (4) auto_details.php.
by R3d-D3V!L
Softbiz Jobs and Recruitment Script - 'search_result.php' SQL Injection
by Easy Laster
PHPCityPortal - Remote Code Execution via external.php URL Parameter
PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
by R3d-D3V!L
Employee Timeclock Software 0.99 - SQL Injection via Username or Password Parameter
Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (b) login_action.php.
by Secunia Research
DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting
by ITSecTeam
Campsite 3.3.5 - Cross-Site Request Forgery
by pratul agrawal
60cycleCMS - 'select.php' Multiple HTML Injection Vulnerabilities
by pratul agrawal
Friendly Technologies TR-069 ACS 2.8.9 - Login SQL Injection
by Yaniv Miron
SUPERAntiSpyware 4.34.1000 and SuperAdBlocker 4.6.1000 - Multiple Vulnerabilities
by Luka Milkovic
Friendly-Tech FriendlyTR69 CPE Remote Management 2.8.9 - SQL Injection
by Yaniv Miron
By Source