Exploitdb Exploits
31,351 exploits tracked across all sources.
Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 - Use-After-Free via DSO Bindings
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008.
by Guido Landi
Webmaster Marketplace - SQL Injection
SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter.
by Hussin X
Pro Chat Rooms 3.0.2 - Authenticated Path Traversal and Remote Code Execution via Avatar Parameter
Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a .. (dot dot) in the avatar parameter, and cause other users to execute this script by using sendData.php to send a message to (1) an individual user or (2) a room, leading to cross-site request forgery (CSRF), cross-site scripting (XSS), or other impacts.
by ZynbER
phpAddEdit 1.3 - Path Traversal and Remote File Inclusion via editform Parameter
Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a URL in the editform parameter. NOTE: PHP remote file inclusion attacks are also likely.
by nuclear
eZoneScripts Living Local 1.1 - Authenticated Arbitrary PHP File Upload via editimage.php
Unrestricted file upload vulnerability in editimage.php in eZoneScripts Living Local 1.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file.
by Bgh7
Butterfly Organizer 2.0.0 and 2.0.1 - SQL Injection via id Parameter
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Osirys
CF_Forum - SQL Injection via categorynbr Parameter
SQL injection vulnerability in forummessages.cfm in CF_Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
by AlpHaNiX
CFMSource CF_Auction - SQL Injection via forummessages.cfm categorynbr Parameter
SQL injection vulnerability in forummessages.cfm in CFMSource CF_Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
by AlpHaNiX
CFMSource CFMBlog - SQL Injection via categorynbr Parameter
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.
by AlpHaNiX
CF Shopkart 5.2.2 - Unauthenticated Sensitive Information Exposure via Database File Access
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request.
by AlpHaNiX
PHPmyGallery 1.5 beta - Remote File Inclusion via conf[lang] Parameter
Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be the same issue as CVE-2008-6316.
by CoBRa_21
phpmygallery 1.0 beta2 - Remote File Inclusion via Lang Parameter Path Traversal
Directory traversal vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter, a different issue than CVE-2008-6316 and a different vector than CVE-2008-6318.
by ZoRLu
PHPmyGallery 1.0 beta2 - Remote Code Execution via confdir Parameter
PHP remote file inclusion vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to execute arbitrary PHP code via a URL in the confdir parameter, a different issue than CVE-2008-6316.
by ZoRLu
ProQuiz 1.0 - SQL Injection via Username Parameter
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
by Osirys
Triangle Solutions PHP Multiple Newsletters 2.7 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
by ahmadbady
PostEcards - SQL Injection via cid Parameter
SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by AlpHaNiX
Vinagre 0.5.x-0.5.1 and 2.x-2.24.1 - Remote Code Execution via Format String in URI or VNC Response
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
by Core Security
ProQuiz 1.0 - SQL Injection via Password Parameter
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
by Osirys
PHPmyGallery 1.5 beta - Remote Code Execution via admindir Parameter
PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter, a different vector than CVE-2008-6317.
by CoBRa_21
PHPmyGallery 1.5 beta - Remote File Inclusion via conf[lang] Parameter
Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be the same issue as CVE-2008-6316.
by ZoRLu
PHP Multiple Newsletters <2.7 - Path Traversal
Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
by ahmadbady
Peel 3.1 - SQL Injection via rubid Parameter
SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. NOTE: this might be the same issue as CVE-2005-3572.
by SuB-ZeRo
Netref 4.0 - SQL Injection via id Parameter
SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php.
by SuB-ZeRo
PHP - 'Safe_mode' Bypass via 'proc_open()' and custom Environment
by gat3way
By Source