Text Exploits
31,386 exploits tracked across all sources.
Microsoft Internet Explorer 8 - Denial of Service
by Asheesh kumar Mani Tripathi
ZeusCMS 0.2 - Information Disclosure via Direct Request for admin/backup.sql
ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql.
by ViRuSMaN
WSN Guest 1.02 - SQL Injection via Orderlinks Parameter
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
by Gamoscu
WordPress 2.9 - Authenticated Information Disclosure via Trash Post Access
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
by tmacuk
StatCounteX 3.1 - Unauthenticated Sensitive Information Exposure via Direct Database Request
StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb.
by Phenom
southburn Web - 'products.php' SQL Injection
by AtT4CKxT3rR0r1ST
Izumi 1.1.0 - Multiple Local File Inclusion / Remote File Inclusions
by cr4wl3r
CMS Made Simple 1.6.6 - Multiple Vulnerabilities
by Beenu Arora
CMS Made Simple 1.6.6 - Local File Inclusion / Cross-Site Scripting
by Beenu Arora
basic-cms - Cross-Site Scripting via nav_id Parameter
Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter.
by Red-D3v1L
Multiple Browsers - Address bar Characters
by Pouya Daneshmand
Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities
by Nishant Das Patnaik
Infragistics WebHtmlEditor 7.1 - Multiple Vulnerabilities
by SpeeDr00t
Cisco Collaboration Server 5 - Cross-Site Scripting via LoginPage.jhtml Dest Parameter
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
by s4squatch
JAG 1.14 - Unauthenticated Sensitive Information Exposure via Direct Request
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for jag/database.sql.
by Phenom
vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities
by ROOT_EGY
By Source