Text Exploits
31,386 exploits tracked across all sources.
MercuryBoard 1.1.5 - 'index.php' Cross-Site Scripting
by indoushka
LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion
by Zer0 Thunder
com_j-projects - SQL Injection via Project Parameter
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.
by Pyske
Joomla! Component com_cartikads 1.0 - Arbitrary File Upload
by kaMtiEz
ImagoScripts Deviant Art Clone - SQL Injection
SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action.
by alnjm33
Skype for Linux 2.1 Beta - Multiple Strange Behaviour Vulnerabilities
by emgent
KMSoft Guestbook 1.0 - Info Disclosure
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb.
by LionTurk
Acidcat CMS 3.5.x - Info Disclosure
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory."
by LionTurk
WorldPay Script Shop - 'productdetail' SQL Injection
by Err0R
Smart Vision Script News - 'newsdetail.php' SQL Injection (1)
by Err0R
rezervi < 3.0.2 - Remote Code Execution via mail.inc.php root Parameter
PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156.
by r00t.h4x0r
PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting
by indoushka
TPJobs for Joomla! - SQL Injection via id_c[] Parameter
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
by FL0RiX
Joomla! Component com_oziogallery2 / IMAGIN - Arbitrary File Write
by Ubik & er
Joomla! com_hotbrackets - SQL Injection
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
by FL0RiX
Joomla! Component com_doqment - 'cid' SQL Injection
by Gamoscu
By Source