Text Exploits
31,386 exploits tracked across all sources.
RealAdmin - 'detail.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
eicra_car_rental-script - SQL Injection via Users and Passwords Parameters
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
by Hamza 'MizoZ' N.
myBusinessAdmin - 'content.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
KubeLance 1.7.6 - Cross-Site Request Forgery (Add Admin)
by Milos Zivanovic
cityadmin - 'links.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
Hipergate 4.0.12 - Multiple Vulnerabilities
by Nahuel Grisolia
MobPartner Chat - Multiple SQL Injections
by AtT4CKxT3rR0r1ST
GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion
by R3VAN_BASTARD
Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service
by Marcelo Tosatti
Joomla! Component com_gambling - 'gamblingEvent' SQL Injection
by md.r00t
AutartiTarot (com_autartitarot) 1.0.3 - Path Traversal
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.
by B-HUNT3|2
Alegrocart - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack the authentication of the administrator for requests that reset the administrator password via a POST to admin/ with an update action.
by The.Morpheus
Evernew Free Joke Script 1.2 - SQL Injection via viewjokes.php id Parameter
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Hamza 'MizoZ' N.
EmiratesHost - Insecure Cookie Authentication Bypass
by jago-dz
Linux Kernel < 2.6.32.8 - Denial of Service via ELF Interpreter Handling
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
by Mathias Krause