Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-0467 EXPLOITDB MEDIUM text VERIFIED
com_ccnewsletter 1.0.5 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
by B-HUNT3|2
CVSS 5.8
EIP-2026-102788 EXPLOITDB text VERIFIED
Battery Life Toolkit 1.0.9 - 'bltk_sudo' Local Privilege Escalation
by Matthew Garrett
CVE-2010-0468 EXPLOITDB text VERIFIED
PaperThin CommonSpot Content Server - Cross-Site Scripting via URL Parameter in utilities/longproc.cfm
Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers to inject arbitrary web script or HTML via the url parameter.
by Richard Brain
CVE-2010-0462 EXPLOITDB text VERIFIED
IBM DB2 9.1-9.7 - Authenticated Heap-Based Buffer Overflow via REPEAT Function
Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function.
by Evgeny Legerov
EIP-2026-108893 EXPLOITDB text VERIFIED
Joomla! Component VirtueMart Module Customers_who_bought - SQL Injection
by B-HUNT3|2
EIP-2026-108581 EXPLOITDB text
Joomla! Component com_virtuemart - order_status_id SQL Injection
by B-HUNT3|2
EIP-2026-106470 EXPLOITDB text VERIFIED
Discuz! 6.0 - 'tid' Cross-Site Scripting
by s4r4d0
EIP-2026-104067 EXPLOITDB text VERIFIED
SAP BusinessObjects 12 - URI redirection / Cross-Site Scripting
by Richard Brain
EIP-2026-103927 EXPLOITDB text VERIFIED
HP System Management Homepage 3.0.2 - 'servercert' Cross-Site Scripting
by Richard Brain
CVE-2010-0442 EXPLOITDB text VERIFIED
PostgreSQL 7.4-7.4.28 - Denial of Service via Negative Integer in bitsubstr Function
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."
by Intevydis
CVE-2010-0552 EXPLOITDB text VERIFIED
Geo++ GNCASTER < 1.4.0.7 - Denial of Service via Long URI Request
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI.
by RedTeam Pentesting GmbH
EIP-2026-112857 EXPLOITDB text
UGiA PHP UPLOADER 0.2 - Arbitrary File Upload
by indoushka
EIP-2026-108189 EXPLOITDB text VERIFIED
Joomla! Component 3D Cloud - 'tagcloud.swf' Cross-Site Scripting
by MustLive
CVE-2010-0440 EXPLOITDB text VERIFIED
Cisco Secure Desktop < 3.5 - Cross-Site Scripting via Crafted POST Parameter
Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html.
by Matias Pablo Brutti
CVE-2010-0459 EXPLOITDB text
com_mochigames 0.51 - SQL Injection via id Parameter
SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
by B-HUNT3|2
EIP-2026-115999 EXPLOITDB text
Opera 10.10 - XML Parser Denial of Service (PoC)
by d3b4g
EIP-2026-115862 EXPLOITDB text VERIFIED
Mozilla Firefox 3.6 - XML Parser Memory Corruption (PoC) / Denial of Service
by d3b4g
EIP-2026-112048 EXPLOITDB text VERIFIED
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection
by cp77fk4r
EIP-2026-105574 EXPLOITDB text
BoastMachine 3.1 - Arbitrary File Upload
by alnjm33
EIP-2026-110281 EXPLOITDB text
OpenDb 1.5.0.4 - Multiple Local File Inclusions
by ViRuSMaN
CVE-2010-0457 EXPLOITDB text VERIFIED
magic-portal 2.1 - SQL Injection via home.php id Parameter
SQL injection vulnerability in home.php in magic-portal 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by alnjm33
EIP-2026-108689 EXPLOITDB text VERIFIED
Joomla! Component JBDiary - Blind SQL Injection
by B-HUNT3|2
EIP-2026-108387 EXPLOITDB text VERIFIED
Joomla! Component com_jbpublishdownfp - SQL Injection
by B-HUNT3|2
EIP-2026-108317 EXPLOITDB text VERIFIED
Joomla! Component com_ContentBlogList - SQL Injection
by B-HUNT3|2
CVE-2010-0461 EXPLOITDB text
Joomla com_casino 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php.
by B-HUNT3|2