Text Exploits
31,386 exploits tracked across all sources.
Core Design Scriptegrator <1.4.1 - Path Traversal
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by S2 Crew
Joomla! Component com_otzivi - Local File Inclusion
by AtT4CKxT3rR0r1ST
PortWise SSL VPN 4.6 - Cross-Site Scripting via wa/auth reloadFrame Parameter
Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter.
by George Christopoulos
git < 1.5.6 - Remote Code Execution via gitweb Shell Metacharacters
The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
by S2 Crew
Multiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload
by EgoPL
Joomla! Component com_acteammember - SQL Injection
by ALTBTA
Joomla! Component com_acstartseite - SQL Injection
by AtT4CKxT3rR0r1ST
Joomla! Component com_acprojects - SQL Injection
by AtT4CKxT3rR0r1ST
Erotik Auktionshaus - SQL Injection
SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
Auktionshaus Gelb 3.0 - SQL Injection
SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
wh-em.com upload 7.0 - Insecure Cookie Authentication Bypass
by indoushka
KR MEDIA Pogodny CMS - SQL Injection via id Parameter in niusy Action
SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action.
by Ariko-Security
Mambo Component 'com_acnews' - 'id' SQL Injection
by Zero Bits & Xzit3
Limny 2.0 - Cross-Site Request Forgery in User and Admin Actions
Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php.
by Luis Santana
Limny 2.0 - Cross-Site Request Forgery in User and Admin Actions
Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php.
by Luis Santana
EziScript Google Page Rank 1.1 - Cross-Site Scripting
by sarabande
By Source