Text Exploits
31,394 exploits tracked across all sources.
Built2Go PHP Link Portal 1.95.1 - Arbitrary File Upload
by ZoRLu
PHP < 5.2.8 - Exposure of Sensitive Information via imageRotate Function
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
by Hamid Ebadi
VMware Workstation/Player/ACE/Server/Fusion DoS via Long USER/PASS Command
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.
by laurent gaffié
KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities
by athos
w3b_cms < 3.3.0 - SQL Injection via Username Parameter
SQL injection vulnerability in admin/index.php in w3b>cms (aka w3blabor CMS) before 3.4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the benutzername parameter (aka Username field) in a login action.
by DNX
ViArt Shop 3.5 - Unauthenticated Arbitrary Shopping Cart Access via cart_name Parameter
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access the contents of an arbitrary shopping cart via a modified cart_name parameter.
by Xia Shing Zee
PowerScripts PowerNews <2.5.4 - SQL Injection
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
by Virangar Security
PowerClan 1.14a - SQL Injection via Login Email Parameter
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.
by Virangar Security
phpScribe 0.9 - 'user.cfg' Remote Configuration Disclosure
by ahmadbady
EggBlog 3.1.10 - Cross-Site Request Forgery (Change Admin Password)
by x0r
ASPThai.Net Webboard 6.0 - SQL Injection
SQL injection vulnerability in bview.asp in ASPThai.Net Webboard 6.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by DaiMon
Konqueror 4.1 - Cross-Site Scripting / Remote Crash
by StAkeR
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service
by Tobias Engel
CMScout 2.06 - Authenticated SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
by SirGod
Mole Group Vacation Estate Listing Script - Blind SQL Injection
by x0r
FlexPHPic <0.0.4 - FlexPHPic Pro <0.0.3 - SQL Injection
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.
by S.W.A.T.
CMScout 2.06 - Path Traversal via Bit Parameter
Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-3415.
by SirGod
audiofile 0.2.6 - Heap-Based Buffer Overflow via Crafted WAV File
Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
by Anton Khirnov
Symbian S60 - Malformed SMS/MMS Remote Denial of Service
by Tobias Engel
Jay Patel Pixel8 Web Photo Album 3.0 - SQL Injection via AlbumID Parameter
SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter.
by AlpHaNiX
FlexPHPDirectory 0.0.1 - SQL Injection via checkuser or checkpass Parameters
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters.
by x0r
SepCity Classified Ads - SQL Injection via ID Parameter
SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by S.W.A.T.
By Source