Exploitdb Exploits
31,369 exploits tracked across all sources.
Small Pirate 2.1 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-comment_post.php (aka rss-coment_post.php), or (5) rss-pic-comment.php.
by YEnH4ckEr
Million Dollar Text Links <1.0 - SQL Injection
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Qabandi
ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities
by Securitylab.ir
Arab Portal 2.2 - SQL Injection via X-Forwarded-For or Client-IP Header
Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/.
by sniper code
amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection
by intern0t
Webboard 2.90 beta - Path Traversal
Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.
by MrDoug
Webboard 2.90 beta - Path Traversal
Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.
by MrDoug
Firefox - Denial of Service via KEYGEN Element with Automatic Refresh
Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or (2) a JavaScript onLoad event handler for a BODY element. NOTE: it was later reported that earlier versions are also affected.
by Thierry Zoller
Adobe Acrobat 9.1.1 (OSX/Windows) - Stack Overflow Crash (PoC)
by Saint Patrick
Adobe Acrobat 9.x < 9.1.3, 8.x < 8.1.6, 7.x < 7.1.4 - Denial of Service via PDF Alert Method
Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information.
by Saint Patrick
SonicWALL SSL-VPN - 'cgi-bin/welcome/VirtualOffice' Remote Format String
by Patrick Webster
Achievo 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities
by MaXe
SiteX < 0.7.4 - Path Traversal via THEME_FOLDER Parameter
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.php, (3) Joombo/homepage.php, (4) Streamline/homepage.php, and (5) Structure/homepage.php in themes/.
by ahmadbady
PHP-Nuke 8.0 - SQL Injection via HTTP Referer Header
SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.
by Gerendi Sandor Attila
Million Dollar Text Links 1.0 - Unauthenticated Authentication Bypass via userid Cookie
Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1.
by HxH
JoomlaMe AgoraGroups 0.3.5.3 - SQL Injection via id Parameter
SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php.
by Chip d3 bi0s
AdPeeps 8.5d1 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdPeeps 8.5d1 allow remote attackers to inject arbitrary web script or HTML via the (1) uid parameter, (2) uid parameter in a login_lookup action, (3) uid parameter in an adminlogin action, (4) campaignid parameter in a createcampaign action, (5) type parameter in a view_account_stats action, (6) period parameter in a view_account_stats action, (7) uid parameter in a view_adrates action, (8) accname parameter in an account_confirmation action, (9) loginpass parameter in an account_confirmation action, (10) e9 parameter in a setup_account action, (11) from parameter in an email_advertisers action, (12) message parameter in an email_advertisers action, (13) idno parameter in an edit_ad_package action, (14) Advertiser Name field, (15) First Name field, (16) Last Name field, (17) Address field, (18) Phone Number field, (19) Password Hint field, or (20) URL field; and (21) allow remote authenticated users to inject arbitrary web script or HTML via an unspecified form associated with a view_adrates action.
by intern0t
Evernew Free Joke Script 1.2 - 'cat_id' SQL Injection
by taRentReXx
Easy PX 41 CMS 9.0 B1 - Path Traversal via Fiche Parameter
Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fiche parameter.
by ThE g0bL!N
Sendmail < 8.13.2 - Heap-Based Buffer Overflow via Long X- Header
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
by Simple Nomad
RoomPHPlanning 1.6 - Unauthenticated Arbitrary User and Room Deletion via admin/delitem.php
admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote attackers to (1) delete arbitrary users via the user parameter or (2) delete arbitrary rooms via the room parameter.
by ThE g0bL!N
RoomPHPlanning 1.6 - SQL Injection via Login Parameter or Old Password Field
Multiple SQL injection vulnerabilities in RoomPHPlanning 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the loginus parameter to Login.php or (2) the Old Password field to changepwd.php, and allow (3) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/userform.php.
by ThE g0bL!N
ArcaBit ArcaVir 2009 - Local Privilege Escalation via ps_drv.sys IOCTL Requests
The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus Protection 9.4.3201.9 and earlier, ArcaVir 2009 Internet Security 9.4.3202.9 and earlier, ArcaVir 2009 System Protection 9.4.3203.9 and earlier, and ArcaBit 2009 Home Protection 9.4.3204.9 and earlier, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\ps_drv containing arbitrary kernel addresses, as demonstrated using the (1) 0x2A7B802B and possibly (2) 0x2A7B8004 and (3) 0x2A7B802F IOCTLs.
by NT Internals
Soulseek 156 and 157 NS - Stack-Based Buffer Overflow via Long Search Query
Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary code via a long search query.
by laurent gaffié
By Source