Text Exploits
31,386 exploits tracked across all sources.
BGS CMS 2.2.1 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. NOTE: some of these details are obtained from third party information.
Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities
by Ivan Markovic
Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities
by Roel Schouten
Copperleaf Photolog 0.16 - SQL Injection via postid Parameter
SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter.
by kaMtiEz
Joomla! Component com_joomportfolio - Blind Injection
by snakespc
Joomla! Component com_hdvideoshare - SQL Injection
by snakespc
Dodo Upload 1.3 - Arbitrary File Upload (Bypass)
by indoushka
Katalog Stron Hurricane 1.3.5 - SQL Injection via Index.php Get Parameter
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter.
by kaMtiEz
Katalog Stron Hurricane 1.3.5 - Remote Code Execution via includes_directory Parameter
PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the includes_directory parameter.
by kaMtiEz
JTL-Shop 2 - SQL Injection via Druckansicht s Parameter
SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter.
by Lo$T
JoomlaWorks AllVideos <3.2 - Path Traversal
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
by Pouya Daneshmand
ZeusCMS 0.2 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
by ViRuSMaN
StatCounteX 3.0 and 3.1 - Unauthenticated Sensitive Information Disclosure and Configuration Manipulation via admin.asp
StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp.
by Phenom
Mozilla Firefox 3.6 - Denial of Service (1)
by Asheesh kumar Mani Tripathi
By Source