Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-6772 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Unauthenticated Account Takeover via Username Collision
login/register_form.php in YourPlace 1.0.2 and earlier does not check that a username already exists when a new account is created, which allows remote attackers to bypass intended access restrictions by registering a new account with the username of a target user.
by Osirys
CVE-2008-6771 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Information Disclosure via phpinfo.php Direct Request
YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitive system information via a direct request via a direct request to user/uploads/phpinfo.php, which calls the phpinfo function.
by Osirys
CVE-2008-6770 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Unauthenticated Sensitive Information Exposure via Direct Request
YourPlace 1.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to a database containing user credentials via a direct request for users.txt.
by Osirys
CVE-2008-6769 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Authenticated Arbitrary File Upload via upload.php
Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
by Osirys
CVE-2008-6773 EXPLOITDB text VERIFIED
YourPlace <= 1.0.2 - Authenticated Static Code Injection via Internet Toolbar Parameters
Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary PHP code into user/internettoolbar/index.php via the (1) fav1_url, (2) fav1_name, (3) fav2_url, (4) fav2_name, (5) fav3_url, (6) fav3_name, (7) fav4_url, (8) fav4_name, (9) fav5_url, or (10) fav5_name parameters.
by Osirys
CVE-2008-5752 EXPLOITDB text VERIFIED
Page Flip Image Gallery <0.2.2 - Path Traversal
Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details are obtained from third party information.
by GoLd_M
CVE-2008-6336 EXPLOITDB text VERIFIED
Text Lines Rearrange Script 1.0 - Path Traversal via Filename Parameter
Directory traversal vulnerability in download.php in Text Lines Rearrange Script 1.0, when register_globals is enabled, allows remote attackers to read arbitrary local files via directory traversal sequences in the filename parameter.
by SirGod
CVE-2008-5619 EXPLOITDB text VERIFIED
Chuggnutt HTML to Text Converter <5.2.10 - RCE
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.
by Jacobo Avariento
EIP-2026-111734 EXPLOITDB text VERIFIED
REDPEACH CMS - SQL Injection
by Lidloses_Auge
CVE-2008-6337 EXPLOITDB text VERIFIED
Volunteer Management System (com_volunteer) 2.0 - SQL Injection via job_id Parameter
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php.
by boom3rang
CVE-2008-5737 EXPLOITDB text VERIFIED
Nodstrum MySQL Calendar <1.2 - SQL Injection
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
by StAkeR
EIP-2026-101208 EXPLOITDB text VERIFIED
COMTREND CT-536 / HG-536 Routers - Multiple Remote Vulnerabilities
by Daniel Fernandez Bleda
CVE-2008-2186 EXPLOITDB text VERIFIED
Cilekyazilim Chicomas - XSS
Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
by BugReport.IR
CVE-2008-5864 EXPLOITDB text VERIFIED
com_tophotelmodule 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
by boom3rang
CVE-2008-5725 EXPLOITDB text VERIFIED
EnTech Taiwan PowerStrip <3.84 - Privilege Escalation
The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory.
by NT Internals
CVE-2008-6751 EXPLOITDB text VERIFIED
ReVou TClone - Unauthenticated Arbitrary File Upload via index.php
Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settings/my_photo.
by S.W.A.T.
EIP-2026-111062 EXPLOITDB text VERIFIED
phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service
by Anarchy Angel
CVE-2008-5865 EXPLOITDB text VERIFIED
Hotel Booking Reservation System 1.0.0 - com_hbssearch - SQL Injection
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
by boom3rang
CVE-2008-5865 EXPLOITDB text VERIFIED
Hotel Booking Reservation System 1.0.0 - com_hbssearch - SQL Injection
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
by boom3rang
CVE-2008-5853 EXPLOITDB text VERIFIED
Chilek Content Management System <2.0.4 - Info Disclosure
Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups via a request for a backup/ URI.
by BugReport.IR
CVE-2008-5732 EXPLOITDB text VERIFIED
KafooeyBlog 1.55b - Unauthenticated Arbitrary File Upload via Image Upload
Unrestricted file upload vulnerability in lib/image_upload.php in KafooeyBlog 1.55b allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
by Piker
CVE-2008-5852 EXPLOITDB text VERIFIED
Emefa Guestbook 3.0 - Info Disclosure
Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb.
by Cyber.Zer0
CVE-2008-5859 EXPLOITDB text VERIFIED
Constructr CMS <3.02.5 - SQL Injection
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter.
by fuzion
CVE-2008-5854 EXPLOITDB text VERIFIED
myPHPscripts Login Session 2.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these details are obtained from third party information.
by Osirys
CVE-2008-5847 EXPLOITDB text VERIFIED
Constructr CMS <3.02.5 - Info Disclosure
Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
by fuzion