Exploitdb Exploits

31,351 exploits tracked across all sources.

CVE-2008-6851 EXPLOITDB text VERIFIED
PHP Link Directory 3.3 - SQL Injection via page.php name Parameter
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the name parameter.
by fuzion
CVE-2008-6849 EXPLOITDB text VERIFIED
phpGreetCards 3.7 - Unauthenticated Remote Code Execution via File Upload
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a link that is listed by userfiles/number_shell.php.
by ahmadbady
CVE-2008-6920 EXPLOITDB text VERIFIED
phpEmployment 1.8 - Unauthenticated Arbitrary File Upload via auth.php regnew Action
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.
by ahmadbady
CVE-2008-6921 EXPLOITDB text VERIFIED
phpAdBoard 1.8 - Unauthenticated Arbitrary File Upload via Photoes Directory
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.
by ahmadbady
CVE-2008-5875 EXPLOITDB text VERIFIED
com_lowcosthotels - SQL Injection via id Parameter
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
by Hussin X
CVE-2008-5742 EXPLOITDB text VERIFIED
AIST NetCat <= 3.12 - Open Redirect via Logoff or Link Manager
Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure.
by s4avrd0w
CVE-2008-6772 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Unauthenticated Account Takeover via Username Collision
login/register_form.php in YourPlace 1.0.2 and earlier does not check that a username already exists when a new account is created, which allows remote attackers to bypass intended access restrictions by registering a new account with the username of a target user.
by Osirys
CVE-2008-6771 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Information Disclosure via phpinfo.php Direct Request
YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitive system information via a direct request to user/uploads/phpinfo.php, which calls the phpinfo function.
by Osirys
CVE-2008-6770 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Unauthenticated Sensitive Information Exposure via Direct Request
YourPlace 1.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a database containing user credentials via a direct request for users.txt.
by Osirys
CVE-2008-6769 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Authenticated Arbitrary File Upload via upload.php
Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
by Osirys
CVE-2008-6773 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Authenticated Static Code Injection via Internet Toolbar Parameters
Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier allows remote authenticated users to inject arbitrary PHP code into user/internettoolbar/index.php via the (1) fav1_url, (2) fav1_name, (3) fav2_url, (4) fav2_name, (5) fav3_url, (6) fav3_name, (7) fav4_url, (8) fav4_name, (9) fav5_url, or (10) fav5_name parameters.
by Osirys
CVE-2008-5752 EXPLOITDB text VERIFIED
Page Flip Image Gallery <0.2.2 - Path Traversal
Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details are obtained from third party information.
by GoLd_M
CVE-2008-6336 EXPLOITDB text VERIFIED
Text Lines Rearrange Script 1.0 - Path Traversal via Filename Parameter
Directory traversal vulnerability in download.php in Text Lines Rearrange Script 1.0, when register_globals is enabled, allows remote attackers to read arbitrary local files via directory traversal sequences in the filename parameter.
by SirGod
CVE-2008-5619 EXPLOITDB text VERIFIED
Chuggnutt HTML to Text Converter <5.2.10 - RCE
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.
by Jacobo Avariento
EIP-2026-111734 EXPLOITDB text VERIFIED
REDPEACH CMS - SQL Injection
by Lidloses_Auge
CVE-2008-6337 EXPLOITDB text VERIFIED
Volunteer Management System (com_volunteer) 2.0 - SQL Injection via job_id Parameter
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php.
by boom3rang
CVE-2008-5737 EXPLOITDB text VERIFIED
Nodstrum MySQL Calendar <1.2 - SQL Injection
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
by StAkeR
EIP-2026-101208 EXPLOITDB text VERIFIED
COMTREND CT-536 / HG-536 Routers - Multiple Remote Vulnerabilities
by Daniel Fernandez Bleda
CVE-2008-2186 EXPLOITDB text VERIFIED
Cilekyazilim Chicomas - XSS
Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
by BugReport.IR
CVE-2008-5864 EXPLOITDB text VERIFIED
com_tophotelmodule 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
by boom3rang
CVE-2008-5725 EXPLOITDB text VERIFIED
EnTech Taiwan PowerStrip <3.84 - Privilege Escalation
The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory.
by NT Internals
CVE-2008-6751 EXPLOITDB text VERIFIED
ReVou TClone - Unauthenticated Arbitrary File Upload via index.php
Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settings/my_photo.
by S.W.A.T.
EIP-2026-111062 EXPLOITDB text VERIFIED
phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service
by Anarchy Angel
CVE-2008-5865 EXPLOITDB text VERIFIED
Hotel Booking Reservation System 1.0.0 - com_hbssearch - SQL Injection
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
by boom3rang