Text Exploits
31,386 exploits tracked across all sources.
FreePBX 2.5.2 and 2.6.0rc2 - Cross-Site Scripting via Tech Parameter and Description Parameter
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action.
by Global-Evolution
Joomla! com_if_nexus 1.5 - Path Traversal
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
by FL0RiX
PHP Forum ohne My SQL - Arbitrary File Upload
by wlhaan hacker
MySimpleFileUploader 1.6 - Arbitrary File Upload
by FormatXformat
PHP upload - 'unijimpe' Arbitrary File Upload
by wlhaan hacker
Facileforms - Cross-Site Scripting via Itemid Parameter
Cross-site scripting (XSS) vulnerability in the Facileforms (com_facileforms) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php.
by Pyske
Joomla! Component com_trabalhe_conosco - Cross-Site Scripting
by Pyske
Joomla! com_qpersonel 1.0.2 RC2 - XSS
Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira parameter in a sirala action to index.php.
by Pyske
Joomla! Component com_oprykningspoint_mc - Cross-Site Scripting
by Pyske
Joomla DhForum Component - SQL Injection via id Parameter
SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php.
by ViRuSMaN
cmstactics com_beeheard 1.x - SQL Injection via category_id Parameter
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
by FL0RiX
Joomla! Component com_adagency - Local File Inclusion
by FL0RiX
By Source