Text Exploits
31,386 exploits tracked across all sources.
JBC Explorer 7.20 - 'arbre.php' Cross-Site Scripting
by Metropolis
Ignition 1.2 - Remote File Inclusion via Blog Parameter
Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php.
by cOndemned
Advance Biz Limited 1.0 - Authentication Bypass
by PaL-D3v1L
4images 1.7.x - Authenticated SQL Injection via search_user Parameter
SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter.
by Master Mind
8pixel simple_blog - Unauthenticated Database Download via Direct Request
8pixel.net Blog 4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for App_Data/sb.mdb.
by LionTurk
Lizard Cart CMS 1.04 - SQL Injection via id Parameter
SQL injection vulnerability in (1) pages.php and (2) detail.php in Lizard Cart CMS 1.04 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by cr4wl3r
Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 - SQL Injection
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the title parameter.
by cr4wl3r
Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities
by Global-Evolution
Barracuda Web Application Firewall 660 - '/cgi-mod/index.cgi' Multiple HTML Injection Vulnerabilities
by Global-Evolution
Pyrmont plugin 2 for WordPress - SQL Injection via id Parameter
SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Gamoscu
Schweizer NISADA Communication CMS - SQL Injection
by Dr.0rYX & Cr3W-DZ
Joomla! Component Event Manager - Blind SQL Injection
by FL0RiX
Joomla! Component City Portal - Blind SQL Injection
by FL0RiX
F3Site 2009 - Path Traversal via GLOBALS[nlang] Parameter
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.
by cr4wl3r
F3Site 2009 - Path Traversal via GLOBALS[nlang] Parameter
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.
by cr4wl3r
By Source