Exploitdb Exploits

31,346 exploits tracked across all sources.

EIP-2026-107557 EXPLOITDB text VERIFIED
HASHE! Solutions - Multiple SQL Injections
by AtT4CKxT3rR0r1ST
CVE-2010-0764 EXPLOITDB text VERIFIED
KuwaitPHP eSmile - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in KuwaitPHP eSmile allows remote attackers to execute arbitrary SQL commands via the cid parameter in a show action.
by AtT4CKxT3rR0r1ST
CVE-2009-4645 EXPLOITDB text VERIFIED
Accellion Secure File Transfer Appliance <8.0.105 - Path Traversal
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
by Tim Brown
CVE-2009-4648 EXPLOITDB text VERIFIED
Accellion Secure File Transfer Appliance - Privilege Escalation via Sudo Command Argument Injection
Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command.
by Tim Brown
CVE-2010-0239 EXPLOITDB text VERIFIED
Windows Vista and Server 2008 - Remote Code Execution via ICMPv6 Router Advertisement
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Router Advertisement Vulnerability."
by Sumit Gwalani
EIP-2026-114632 EXPLOITDB text
Zomorrod CMS - SQL Injection
by Pouya Daneshmand
EIP-2026-114525 EXPLOITDB text VERIFIED
Yes Solutions - Webapp SQL Injection
by HackXBack
EIP-2026-113014 EXPLOITDB text VERIFIED
vBulletin Adsense Component - 'viewpage.php' SQL Injection
by JIKO
EIP-2026-112659 EXPLOITDB text VERIFIED
ThinkPHP 2.0 - 'index.php' Cross-Site Scripting
by zx
CVE-2010-0605 EXPLOITDB text VERIFIED
osTicket < 1.6 - Authenticated SQL Injection via scp/ajax.php Input Parameter
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
by Nahuel Grisolia
EIP-2026-109923 EXPLOITDB text VERIFIED
NewsLetter Tailor 0.2.0 - Remote File Inclusion
by snakespc
EIP-2026-109922 EXPLOITDB text VERIFIED
NewsLetter Tailor - Database Backup Dump
by ViRuSMaN
EIP-2026-109921 EXPLOITDB text VERIFIED
NewsLetter Tailor - Authentication Bypass
by ViRuSMaN
EIP-2026-109147 EXPLOITDB text VERIFIED
Limny 1.01 - Arbitrary File Upload
by JIKO
EIP-2026-107177 EXPLOITDB text VERIFIED
Fonts Site Script - Remote File Disclosure
by JIKO
EIP-2026-106202 EXPLOITDB text VERIFIED
CPA Site Solutions - Arbitrary File Upload
by R3VAN_BASTARD
EIP-2026-103779 EXPLOITDB text
LDAP - Injection
by mc2_s3lector
EIP-2026-100439 EXPLOITDB text
MOJO's IWms 7 - SQL Injection / Cross-Site Scripting
by cp77fk4r
CVE-2010-0765 EXPLOITDB text VERIFIED
fipsForum 2.6 - Unauthenticated Sensitive Information Disclosure via Direct Database Request
fipsForum 2.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for _database/forumFips.mdb.
by ViRuSMaN
EIP-2026-118602 EXPLOITDB text VERIFIED
GeFest Web Home Server 1.0 - Directory Traversal
by Markot
EIP-2026-114599 EXPLOITDB text VERIFIED
Zen Time Tracking 2.2 - Multiple SQL Injections
by cr4wl3r
EIP-2026-113086 EXPLOITDB text VERIFIED
VideoDB 3.0.3 - 'login.php' Cross-Site Scripting
by vr
CVE-2010-1043 EXPLOITDB text VERIFIED
jaxCMS 1.0 - Path Traversal and Arbitrary File Execution via 'p' Parameter
Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
by Hamza 'MizoZ' N.
EIP-2026-105555 EXPLOITDB text
Blue Dove - SQL Injection
by HackXBack
EIP-2026-105018 EXPLOITDB text VERIFIED
Aflam Online 1.0 - 'index.php' SQL Injection
by alnjm33