Text Exploits
31,392 exploits tracked across all sources.
Netscape Navigator - Denial of Service via Select Object Length Property
Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Sony PLAYSTATION 3 - Denial of Service via Large Select Object Length Property
The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
CVSS 7.5
Opera < 9.64 - Denial of Service via Large Select Object Length Property
Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
aigo_md_p8860 - Denial of Service via Large Select Object Length Property
The Aigo P8860 allows remote attackers to cause a denial of service (memory consumption and browser hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Nokia Symbian OS 9.2 - Denial of Service via Large Select Object Length Property
The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
KDE Konqueror - Denial of Service via Large Select Object Length Property
KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Microsoft Internet Explorer <9 - DoS
Microsoft Internet Explorer 5 through 8 allows remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
My Category Order <2.8 - SQL Injection
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php.
by Manh Luat
WebLeague 2.2.0 - SQL Injection via Profile Name Parameter
SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter.
by Arka69
phpgenealogy 2.0 - Remote Code Execution via DataDirectory Parameter
PHP remote file inclusion vulnerability in CoupleDB.php in PHPGenealogy 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the DataDirectory parameter.
by Khashayar Fereidani
ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition / Information Disclosure
by YEnH4ckEr
ecardmax.com FormXP 2007 - Cross-Site Scripting via survey_result.php sid Parameter
Cross-site scripting (XSS) vulnerability in survey_result.php in eCardMAX FormXP 2007 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
by Moudi
Admin News Tools 2.5 - Path Traversal
Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter.
by Securitylab.ir
Admin News Tools 2.5 - Unauthenticated News Message Posting via Direct Request
system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request.
by Securitylab.ir
Mozilla Firefox <2.0.0.19 & 3.x <3.0.5 - DoS
Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
by Thierry Zoller
Mobilelib GOLD 3.0 - Path Traversal via GLOBALS[page] Parameter
Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter.
by Qabandi
eCardMAX - Multiple Cross-Site Scripting Vulnerabilities
by Moudi
Virtualmin < 3.703 - Multiple Local/Remote Vulnerabilities
by Filip Palian
DJCalendar - Path Traversal via TEMPLATE Parameter
Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a .. (dot dot) in the TEMPLATE parameter.
by cibbao
Top Paidmailer - Remote Code Execution via home.php page Parameter
PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
by Moudi
Censura 1.16.04 - SQL Injection via itemid Parameter
SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action.
by Vrs-hCk
PHP AdminPanel Free 1.0.5 - Remote File Disclosure
by Khashayar Fereidani
Censura 1.16.04 - Cross-Site Scripting via itemid Parameter
Cross-site scripting (XSS) vulnerability in censura.php in Censura 1.16.04 allows remote attackers to inject arbitrary web script or HTML via the itemid parameter in a details action.
by Vrs-hCk
Opial 1.0 - SQL Injection via Genres Parent Parameter
SQL injection vulnerability in home.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the genres_parent parameter.
by LMaster
By Source