Text Exploits
31,392 exploits tracked across all sources.
AWScripts.com Gallery Search Engine 1.5 - Auth Bypass
The admin interface in AWScripts.com Gallery Search Engine 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the awse_logged cookie to 1.
by TiGeR-Dz
S.T.A.L.K.E.R. Clear Sky 1.0010 - Remote Denial of Service
by Luigi Auriemma
MIDAS 1.43 - Unauthenticated Authentication Bypass via Admin Cookie
MIDAS 1.43 allows remote attackers to bypass authentication and obtain administrative access via an admin account record in a MIDAS cookie.
by HxH
Mozilla Firefox <3.0.12 - Memory Corruption
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multiple RDF files in a XUL tree element.
by Christophe Charron
YourFreeWorld Programs Rating Script - XSS
Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld Programs Rating Script allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rate.php and (2) postcomments.php.
by Moudi
YourFreeWorld Programs Rating Script - XSS
Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld Programs Rating Script allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rate.php and (2) postcomments.php.
by Moudi
Crysis 1.21/1.5 - HTTP/XML-RPC Service Access Violation Remote Denial of Service
by Luigi Auriemma
Edraw PDF Viewer Component <3.2.0.126 - RCE
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
by Jambalaya
CMS buzz - Cross-Site Scripting / Password Change / HTML Injection
by ThE g0bL!N
fuzzylime_cms <= 3.03a - Remote File Inclusion via Directory Traversal
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.php and the (2) template parameter to code/display.php.
by StAkeR
TekBase All-in-One 3.1 - SQL Injection
Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) ids parameter to admin.php, the (2) y parameter to members.php, and other unspecified vectors. NOTE: vector 1 requires administrative access.
by n3wb0ss
phPortal 1.0 - Unauthenticated Authentication Bypass via kulladi Cookie
uye_paneli.php in phPortal 1.0 allows remote attackers to bypass authentication and obtain administrative access by setting the kulladi cookie to a valid username.
by KnocKout
phpfk 7.03 - Path Traversal and Arbitrary File Inclusion via _FORUM[settings_design_style] Parameter
Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.
by ahmadbady
Fuzzylime CMS <3.03a - Path Traversal
code/display.php in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to conduct directory traversal attacks and overwrite arbitrary files via a "....//" (dot dot) in the s parameter, which is collapsed into a "../" value.
by StAkeR
FretsWeb 1.2 - Path Traversal via Language Parameter or Cookie
Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) language parameter to charts.php and the (2) fretsweb_language cookie parameter to unspecified vectors, possibly related to admin/common.php.
by YEnH4ckEr
Linux kernel 2.6.30-2.6.30.1 - Privilege Escalation
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894.
by Christian Borntraeger
McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write
by callAX
World in Conflict 1.0.1 - Typecheck Remote Denial of Service
by Luigi Auriemma
elvinbts 1.2.0 - Cross-Site Request Forgery via Logout Action
Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action.
by SirGod
elvinbts 1.2.0 - Cross-Site Scripting via show_activity.php id Parameter
Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by SirGod
elvinbts 1.2.0 - Path Traversal via Page.php ID Parameter
Directory traversal vulnerability in page.php in Elvin 1.2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter.
by SirGod
elvinbts 1.2.0 - SQL Injection via Username or Password Parameter
Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) inUser (aka Username) and (2) inPass (aka Password) parameters to (a) inc/login.ei, reachable through login.php; and the (3) id parameter to (b) show_bug.php and (c) show_activity.php. NOTE: it was later reported that vector 3c also affects 1.2.2.
by SirGod
Netgear DG632 3.4.0_ap - Auth Bypass
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/.
by Tom Neaves
By Source