Exploitdb Exploits
31,357 exploits tracked across all sources.
phpBMS 0.96 - Cross-Site Scripting via PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php and (2) modules\base\myaccount.php; and the PATH_INFO to (3) modules_view.php, (4) tabledefs_options.php, and (5) adminsettings.php in phpbms\modules\base\.
by eLwaux
phpBMS 0.96 - SQL Injection via id/f/tid Parameters
Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to modules/bms/invoices_discount_ajax.php, (2) f parameter to dbgraphic.php, and (3) tid parameter in a show action to advancedsearch.php.
by eLwaux
Citrix XenCenterWeb - Remote Code Execution via config/writeconfig.php Pool1 Parameter
Static code injection vulnerability in config/writeconfig.php in the sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to inject arbitrary PHP code into include/config.ini.php via the pool1 parameter. NOTE: some of these details are obtained from third party information.
by Secure Network
OtsAV DJ, Radio, and TV 1.85.64.0 - Heap-Based Buffer Overflow via Long Playlist in OFL File
Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio trial version 1.85.64.0, TV trial version 1.85.64.0, and Free version 1.77.001 allows remote attackers to execute arbitrary code via a long playlist in an Ots File List (.ofl) file.
by Stack
WordPress < 2.8.1 - Unauthenticated Sensitive Information Exposure via Plugin Configuration
wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file, as demonstrated by the (1) collapsing-archives/options.txt, (2) akismet/readme.txt, (3) related-ways-to-take-action/options.php, (4) wp-security-scan/securityscan.php, and (5) wp-ids/ids-admin.php files. NOTE: this can be leveraged for cross-site scripting (XSS) and denial of service.
by Core Security
ToyLog 0.1 - SQL Injection via idm Parameter
SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter.
by darkjoker
phpBMS 0.96 - Exposure of Sensitive Information via Direct Request
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) the show action in advancedsearch.php, and (4) choicelist.php, which reveals the installation path in an error message.
by eLwaux
Phenotype CMS < 2.9 - SQL Injection via Login Name Parameter
SQL injection vulnerability in _phenotype/admin/login.php in Phenotype CMS before 2.9 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the login name).
by Khashayar Fereidani
MyMsg 1.0.3 - Authenticated SQL Injection via Profile.php uid Parameter
SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action.
by Monster-Dz
LionWiki 3.0.3 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
by MoDaMeR
Joomla! Component com_propertylab - 'auction_id' SQL Injection
by Chip d3 bi0s
Jobbr 2.2.7 - SQL Injection via emp_id Parameter
SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter.
by Moudi
GenCMS 2006 - Path Traversal via 'p' Parameter in show.php and 'Template' Parameter in admin/pages/SiteNew.php
Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php.
by eLwaux
Ebay Clone 2009 - Cross-Site Scripting via Search Mode Parameter
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
by Moudi
Digitaldesign CMS 0.1 - Info Disclosure
Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for autoconfig.dd.
by darkjoker
HTC / Windows Mobile OBEX FTP Service - Directory Traversal
by Alberto Tablado
TalkBack 2.3.14 - Remote Code Execution via Import.php Result Parameter
addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter.
by JIKO
TalkBack < 2.3.6.2 - Remote File Inclusion via Language Parameter
Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
by JIKO
Marcelo Costa FileServer <1.0 - Path Traversal
Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live (MPL) allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. (dot dot) in a pathname.
by joepie91
Soulseek 156 and 157 NS - Stack-Based Buffer Overflow via Long Search Query
Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary code via a long search query.
by laurent gaffié
webasyst shop-script - Blind SQL Injection / Cross-Site Scripting
by Vrs-hCk
WebAsyst Shop-Script - 'index.php' Cross-Site Scripting
by Vrs-hCk
TalkBack 2.3.14 - Unauthenticated Comment Modification via comments.php
TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.
by JIKO
StatsCode - Multiple Cross-Site Scripting Vulnerabilities
by 599eme Man
By Source