Text Exploits
31,394 exploits tracked across all sources.
YACS CMS 8.11 - 'update_trailer.php' Remote File Inclusion
by ahmadbady
RavenNuke 2.30 - Exposure of Sensitive Information via Invalid aFonts Parameter
images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain sensitive information via an aFonts array parameter value that does not correspond to a valid font file, which reveals the installation path in an error message.
by waraxe
powermovielist 0.14b - SQL Injection / Cross-Site Scripting
by brain[pillow]
Enomaly Elastic Computing Platform <2.1.1 - Command Injection
Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program.
by Sam Johnston
Linux kernel <2.6.27.19-2.6.28.7 - DoS
The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.
by Sami Liedes
FreeBSD 7.x - Remote Code Execution
sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library.
by kingcope
MySQL < 5.1.32 and 6.0 < 6.0.10 - Authenticated Denial of Service via XPath FilterExpr in ExtractValue or UpdateXML
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
by Shane Bester
IdeaCart 0.02 - SQL Injection via cID Parameter
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter.
by nuclear
Vlinks 1.0.3 and 1.1.6 - SQL Injection via id Parameter
SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by JIKO
IdeaCart 0.02 and 0.02a - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0.02a allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
by nuclear
PHP Krazy Image Host Script 1.01 - 'id' SQL Injection
by x0r
poppler < 0.10.4 - Denial of Service via JBIG2 Symbol Dictionary Parsing
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
by Romario
Baran CMS 1.0 - 'Arbitrary '.ASP' File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
by Aria-Security Team
Geovision Digital Video Surveillance System 8.2 - Path Traversal via GET Request
Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET request.
by Dejan Levaja
Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass
by x0r
dacio's CMS 1.08 - Cross-Site Scripting / SQL Injection / File Disclosure
by Mehmet Ince
ProFTPD Server <1.3.2rc2 - SQL Injection
SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.
by gat3way
By Source