Text Exploits
31,394 exploits tracked across all sources.
DMXReady Classified Listings Manager <1.1 - SQL Injection
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by ajann
netsurf Web browser 1.2 - Multiple Vulnerabilities
by Jeremy Brown
phplist < 2.10.8 - Remote Code Execution via _SERVER[ConfigFile] Parameter
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when register_globals is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] parameter to admin/index.php.
by BugReport.IR
Php Photo Album (PHPPA) 0.8 BETA - Path Traversal
Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter.
by Osirys
Joomla! Component Fantasytournament - SQL Injection
by H!tm@N
Joomla! Component Camelcitydb2 2.2 - SQL Injection
by H!tm@N
DMXReady Secure Document Library <1.1 - SQL Injection
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by ajann
Dark Age CMS 0.2c beta - SQL Injection
SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by darkjoker
Oracle Secure Backup 10g - 'exec_qr()' Command Injection
by Joxean Koret
Cisco IOS 11.0-12.4 - Cross-Site Scripting via HTTP Server URI Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
by Adrian Pastor
ATCOM Netvolution 1.0 ASP - Cross-Site Scripting via Email Variable
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.
by Ellinas
DMXReady Registration Manager 1.1 - Contents Change
by ajann
DMXReady Photo Gallery Manager 1.1 - Contents Change
by ajann
DMXReady PayPal Store Manager 1.1 - Contents Change
by ajann
DMXReady Member Directory Manager <1.1 - SQL Injection
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by ajann
DMXReady Links Manager 1.1 - Remote Contents Change
by ajann
DMXReady Document Library Manager 1.1 - Contents Change
by ajann
DMXReady Contact Us Manager 1.1 - Remote Contents Change
by ajann
DMXReady Secure Document Library <1.1 - SQL Injection
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by ajann
By Source