Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2006-2268 EXPLOITDB text VERIFIED
FlexCustomer <= 0.0.6 - SQL Injection via checkuser/checkpass or username/password Parameters
SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows remote attackers to bypass authentication and execute arbitrary SQL commands via the admin and ordinary user interface, probably involving the (1) checkuser and (2) checkpass parameters to (a) admin/index.php, and (3) username and (4) password parameters to (b) index.php. NOTE: it was later reported that 0.0.6 is also affected.
by Osirys
CVE-2008-5817 EXPLOITDB text VERIFIED
Web Scribble Solutions webClassifieds 2005 - SQL Injection
Multiple SQL injection vulnerabilities in index.php in Web Scribble Solutions webClassifieds 2005 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) password fields in a sign_in action.
by AnGeL25dZ
CVE-2008-6757 EXPLOITDB text VERIFIED
ViArt Shop 3.5 - Cross-Site Scripting via Manuals Search Parameter
Cross-site scripting (XSS) vulnerability in manuals_search.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to inject arbitrary web script or HTML via the manuals_search parameter.
by Xia Shing Zee
CVE-2008-6918 EXPLOITDB text VERIFIED
ThePortal2 2.2 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Galeria Admin Endpoint
Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in galeria/.
by siurek22
CVE-2008-5815 EXPLOITDB text VERIFIED
phpAlumni - SQL Injection via Acomment.php id Parameter
SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Mr.SQL
EIP-2026-108451 EXPLOITDB text VERIFIED
Joomla! Component com_na_content 1.0 - Blind SQL Injection
by Mehmet Ince
EIP-2026-107299 EXPLOITDB text VERIFIED
FubarForum 1.6 - Authentication Bypass Change User Password
by R31P0l
CVE-2008-6241 EXPLOITDB text VERIFIED
FlexPHPSite 0.0.1 and 0.0.7 - SQL Injection via User Check Parameters
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.
by x0r
CVE-2008-6730 EXPLOITDB text VERIFIED
FlexPHPLink Pro 0.0.6 and 0.0.7 - SQL Injection via Usercheck Parameters
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.
by x0r
CVE-2008-6750 EXPLOITDB text VERIFIED
FlexPHPDirectory 0.0.1 - Unauthenticated Arbitrary File Upload via add.php
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/.
by x0r
CVE-2008-6761 EXPLOITDB text VERIFIED
Flexcustomer 0.0.6 - Remote Code Execution via Database Name Parameter
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting admin/install.php.
by Osirys
CVE-2008-5820 EXPLOITDB text VERIFIED
eDreamers eDNews 2 - SQL Injection via newsid Parameter
SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
by Virangar Security
CVE-2008-5819 EXPLOITDB text VERIFIED
eDreamers eDNews <2 - Path Traversal
Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information.
by GoLd_M
CVE-2008-5818 EXPLOITDB text VERIFIED
eDreamers eDContainer <2.22 - Path Traversal
Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information.
by GoLd_M
CVE-2006-7236 EXPLOITDB text VERIFIED
xterm - Remote Code Execution via Escape Sequences
The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.
by Paul Szabo
CVE-2008-6151 EXPLOITDB text VERIFIED
SepCity Shopping Mall - SQL Injection via shpdetails.asp ID Parameter
SQL injection vulnerability in shpdetails.asp in SepCity Shopping Mall allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by Osmanizim
CVE-2008-6152 EXPLOITDB text VERIFIED
SepCity Faculty Portal - SQL Injection via deptdisplay.asp ID Parameter
SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Portal allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: this was originally reported for Lawyer Portal, which does not have a deptdisplay.asp file.
by Osmanizim
CVE-2008-6157 EXPLOITDB HIGH text VERIFIED
SepCity Classified Ads - Cleartext Storage of Sensitive Information in data/classifieds.mdb
SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which allows context-dependent attackers to obtain sensitive information.
by S.W.A.T.
CVSS 7.5
EIP-2026-100413 EXPLOITDB text VERIFIED
Mavi Emlak - 'newDetail.asp' SQL Injection
by Sina Yazdanmehr
EIP-2026-100401 EXPLOITDB text VERIFIED
Madrese-Portal - 'haber.asp' SQL Injection
by Sina Yazdanmehr
CVE-2008-5745 EXPLOITDB text VERIFIED
Microsoft Windows Media Player <11.0.5721.5260 - DoS
Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927.
by laurent gaffié
CVE-2008-6763 EXPLOITDB text VERIFIED
Silentum LoginSys 1.0.0 - Unauthenticated Authentication Bypass via logged_in Cookie
login2.php in Silentum LoginSys 1.0.0 allows remote attackers to bypass authentication and obtain access to an arbitrary account by setting the logged_in cookie to that account's username.
by Osirys
CVE-2008-5733 EXPLOITDB text VERIFIED
Team Impact TI Blog System - SQL Injection
SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Khashayar Fereidani
CVE-2008-6143 EXPLOITDB text VERIFIED
OwenPoll 1.0 - Unauthenticated Authentication Bypass via Username Cookie
OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a modified account name in the username cookie.
by Osirys
CVE-2008-6582 EXPLOITDB text VERIFIED
Miniweb 2.0 - SQL Injection via Username Parameter
SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
by bizzit