Exploitdb Exploits

31,357 exploits tracked across all sources.

CVE-2008-6975 EXPLOITDB text VERIFIED
DD-WRT 24 sp2 - Cross-Site Request Forgery via apply.cgi Parameters
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters. NOTE: This issue reportedly exists because of a "weak ... anti-CSRF fix" implemented in 24 sp2.
by gat3way
CVE-2008-6974 EXPLOITDB text VERIFIED
DD-WRT < 24 - Cross-Site Request Forgery via apply.cgi Parameters
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters.
by gat3way
CVE-2009-2564 EXPLOITDB text VERIFIED
NOS Microsystems getPlus Download Manager - Privilege Escalation
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.
by Nine:Situations:Group
CVE-2009-3539 EXPLOITDB text VERIFIED
YourFreeWorld Ultra Classifieds Pro - Cross-Site Scripting via cname or sn Parameter
Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld Ultra Classifieds Pro allow remote attackers to inject arbitrary web script or HTML via the (1) cname parameter to subclass.php and the (2) sn parameter to listads.php.
by Moudi
EIP-2026-113226 EXPLOITDB text VERIFIED
Web TV - 'chn' Cross-Site Scripting
by Moudi
CVE-2009-4687 EXPLOITDB text VERIFIED
Silentum Guestbook 2.0.2 - SQL Injection
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter.
by Bgh7
EIP-2026-111556 EXPLOITDB text VERIFIED
Proxy List Script - 'index.php' Cross-Site Scripting
by Moudi
CVE-2009-2770 EXPLOITDB text VERIFIED
PowerUpload 2.4 - Unauthenticated Authentication Bypass via MIME-Encoded Admin Cookie
PowerUpload 2.4 allows remote attackers to bypass authentication and gain administrative access via a MIME encoded value of admin for the myadminname cookie.
by InjEctOr5
CVE-2009-2885 EXPLOITDB text VERIFIED
PHP Scripts Now World's Tallest Buildings - SQL Injection via bios.php rank Parameter
SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter.
by 599eme Man
CVE-2009-2884 EXPLOITDB text VERIFIED
PHP Scripts Now World's Tallest Buildings - Cross-Site Scripting via bios.php rank Parameter
Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter.
by 599eme Man
CVE-2009-4876 EXPLOITDB text VERIFIED
Netrix CMS 1.0 - Unauthenticated Arbitrary Page Modification via cid Parameter
admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify arbitrary pages via a direct request using the cid parameter.
by Mr.tro0oqy
CVE-2009-3512 EXPLOITDB text VERIFIED
MyWeight 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to user_addfood.php, info parameter to (2) user_forgot_pwd_form.php and (3) user_login.php, and (4) return parameter to user_login.php.
by Moudi
CVE-2009-4693 EXPLOITDB text VERIFIED
GraFX MiniCWB 2.3.0 - Remote Code Execution via LANG Parameter File Inclusion
Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to (1) en.inc.php, (2) hu.inc.php, (3) no.inc.php, (4) ro.inc.php, and (5) ru.inc.php in language/.
by NoGe
CVE-2009-3716 EXPLOITDB text VERIFIED
MCshoutbox 1.1 - Authenticated Arbitrary File Upload via Admin Panel
Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in smilies/.
by SirGod
CVE-2009-3858 EXPLOITDB text VERIFIED
GejoSoft - Cross-Site Scripting via PATH_INFO to photos/tags
Cross-site scripting (XSS) vulnerability in GejoSoft allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI in photos/tags.
by Moudi
CVE-2009-3599 EXPLOITDB text VERIFIED
HUBScript 1.0 - Cross-Site Scripting via bid_id Parameter
Cross-site scripting (XSS) vulnerability in single_winner1.php in HUBScript 1.0 allows remote attackers to inject arbitrary web script or HTML via the bid_id parameter.
by Moudi
CVE-2009-4684 EXPLOITDB text VERIFIED
EZodiak - Cross-Site Scripting via Sign Parameter
Cross-site scripting (XSS) vulnerability in index.php in EZodiak allows remote attackers to inject arbitrary web script or HTML via the sign parameter.
by Moudi
CVE-2009-2591 EXPLOITDB text VERIFIED
runcms myannonces - SQL Injection via lid Parameter
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote attackers to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php.
by Vrs-hCk
CVE-2009-2587 EXPLOITDB text VERIFIED
DragDropCart - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to assets/js/ddcart.php, the (2) prefix parameter to includes/ajax/getstate.php, the search parameter to (3) index.php and (4) search.php, the (5) redirect parameter to login.php, and the (6) product parameter to productdetail.php.
by Moudi