Text Exploits

31,392 exploits tracked across all sources.

Sort: Activity Stars
CVE-2009-3751 EXPLOITDB text VERIFIED
Opial 1.0 - Cross-Site Scripting via genres_parent Parameter
Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 allows remote attackers to inject arbitrary web script or HTML via the genres_parent parameter.
by LMaster
CVE-2009-3753 EXPLOITDB text VERIFIED
Opial 1.0 - Unauthenticated Arbitrary File Upload and Remote Code Execution via User Image
Unrestricted file upload vulnerability in Opial 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension as a User Image, then accessing it via a request to the file in userimages, related to register.php.
by LMaster
EIP-2026-108301 EXPLOITDB text VERIFIED
Joomla! Component com_category - 'catid' SQL Injection
by Prince_Pwn3r
CVE-2009-3712 EXPLOITDB text VERIFIED
Ebay Clone 2009 - SQL Injection via user_id or item_id Parameter
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php.
by MizoZ
EIP-2026-106332 EXPLOITDB text VERIFIED
d.net CMS - Arbitrary Reinstall/Blind SQL Injection
by darkjoker
CVE-2009-2336 EXPLOITDB text VERIFIED
WordPress and WordPress MU < 2.8.1 - Username Enumeration via Forgotten Mail Interface
The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."
by Core Security
CVE-2009-2335 EXPLOITDB text VERIFIED
WordPress < 2.8.1 - Username Enumeration via Failed Login Behavior
WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."
by Core Security
CVE-2009-3759 EXPLOITDB HIGH text VERIFIED
Citrix XenCenterWeb - Cross-Site Request Forgery via Password Change or VM Stop
Multiple cross-site request forgery (CSRF) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for (1) requests that change the password via the username parameter to config/changepw.php or (2) stop a virtual machine via the stop_vmname parameter to hardstopvm.php. NOTE: some of these details are obtained from third party information.
by Secure Network
CVSS 8.8
CVE-2009-3758 EXPLOITDB text VERIFIED
Citrix XenCenterWeb - SQL Injection via login.php Username Parameter
SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
by Secure Network
CVE-2009-3757 EXPLOITDB text VERIFIED
Citrix XenCenterWeb - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to config/edituser.php; (2) location, (3) sessionid, and (4) vmname parameters to console.php; (5) vmrefid and (6) vmname parameters to forcerestart.php; and (7) vmname and (8) vmrefid parameters to forcesd.php. NOTE: some of these details are obtained from third party information.
by Secure Network
CVE-2009-3755 EXPLOITDB text VERIFIED
phpBMS 0.96 - Cross-Site Scripting via PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php and (2) modules\base\myaccount.php; and the PATH_INFO to (3) modules_view.php, (4) tabledefs_options.php, and (5) adminsettings.php in phpbms\modules\base\.
by eLwaux
CVE-2009-3754 EXPLOITDB text VERIFIED
phpBMS 0.96 - SQL Injection via id/f/tid Parameters
Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to modules/bms/invoices_discount_ajax.php, (2) f parameter to dbgraphic.php, and (3) tid parameter in a show action to advancedsearch.php.
by eLwaux
CVE-2009-3760 EXPLOITDB text VERIFIED
Citrix XenCenterWeb - Remote Code Execution via config/writeconfig.php Pool1 Parameter
Static code injection vulnerability in config/writeconfig.php in the sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to inject arbitrary PHP code into include/config.ini.php via the pool1 parameter. NOTE: some of these details are obtained from third party information.
by Secure Network
CVE-2009-3812 EXPLOITDB text VERIFIED
OtsAV DJ, Radio, and TV 1.85.64.0 - Heap-Based Buffer Overflow via Long Playlist in OFL File
Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio trial version 1.85.64.0, TV trial version 1.85.64.0, and Free version 1.77.001 allows remote attackers to execute arbitrary code via a long playlist in an Ots File List (.ofl) file.
by Stack
CVE-2009-2334 EXPLOITDB text VERIFIED
WordPress < 2.8.1 - Unauthenticated Sensitive Information Exposure via Plugin Configuration
wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file, as demonstrated by the (1) collapsing-archives/options.txt, (2) akismet/readme.txt, (3) related-ways-to-take-action/options.php, (4) wp-security-scan/securityscan.php, and (5) wp-ids/ids-admin.php files. NOTE: this can be leveraged for cross-site scripting (XSS) and denial of service.
by Core Security
CVE-2009-3750 EXPLOITDB text VERIFIED
ToyLog 0.1 - SQL Injection via idm Parameter
SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter.
by darkjoker
CVE-2009-3756 EXPLOITDB text VERIFIED
phpBMS 0.96 - Exposure of Sensitive Information via Direct Request
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) the show action in advancedsearch.php, and (4) choicelist.php, which reveals the installation path in an error message.
by eLwaux
CVE-2009-3543 EXPLOITDB text VERIFIED
Phenotype CMS < 2.9 - SQL Injection via Login Name Parameter
SQL injection vulnerability in _phenotype/admin/login.php in Phenotype CMS before 2.9 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the login name).
by Khashayar Fereidani
CVE-2009-3528 EXPLOITDB text VERIFIED
MyMsg 1.0.3 - Authenticated SQL Injection via Profile.php uid Parameter
SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action.
by Monster-Dz
CVE-2009-3534 EXPLOITDB text VERIFIED
LionWiki 3.0.3 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
by MoDaMeR
EIP-2026-108497 EXPLOITDB text VERIFIED
Joomla! Component com_propertylab - 'auction_id' SQL Injection
by Chip d3 bi0s
CVE-2009-2427 EXPLOITDB text VERIFIED
Jobbr 2.2.7 - SQL Injection via emp_id Parameter
SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter.
by Moudi
CVE-2009-3825 EXPLOITDB text VERIFIED
GenCMS 2006 - Path Traversal via 'p' Parameter in show.php and 'Template' Parameter in admin/pages/SiteNew.php
Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php.
by eLwaux
CVE-2009-2424 EXPLOITDB text VERIFIED
Ebay Clone 2009 - Cross-Site Scripting via Search Mode Parameter
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
by Moudi
CVE-2009-3597 EXPLOITDB text VERIFIED
Digitaldesign CMS 0.1 - Info Disclosure
Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for autoconfig.dd.
by darkjoker