Text Exploits
31,394 exploits tracked across all sources.
Verlihub <0.9.8d-RC2 - Local File Overwrite
The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/trigger.tmp temporary file.
by v4lkyrius
BitDefender Antivirus - Denial of Service via Crafted PDF File
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
by ProTeuS
vBulletin 3.7.3 - Visitor Message Cross-Site Request Forgery / Worm
by Mx
ToursManager - SQL Injection via tourid Parameter
SQL injection vulnerability in tourview.php in ToursManager allows remote attackers to execute arbitrary SQL commands via the tourid parameter.
by XaDoS
Softbiz Classifieds Script - Cross-Site Scripting via signinform.php msg Parameter
Cross-site scripting (XSS) vulnerability in signinform.php in Softbiz Classifieds Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Vahid Ezraeil
NatterChat 1.1 and 1.12 - SQL Injection via Username and Password Parameters
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. NOTE: due to lack of details, it is not clear whether this is related to CVE-2004-2206.
by Stack
NatterChat 1.1 - Unauthenticated Authentication Bypass via Direct Admin Endpoint Access
NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp.
by Stack
NatterChat 1.1 and 1.12 - SQL Injection via Username and Password Parameters
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. NOTE: due to lack of details, it is not clear whether this is related to CVE-2004-2206.
by Bl@ckbe@rD
PHP < 5.2.7 - Arbitrary File Write via .htaccess error_log Directive
PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "php_value error_log" entry in a .htaccess file.
by SecurityReason
GeSHi < 1.0.8 - Denial of Service via Unclosed XML Delimiter
The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using "<".
by Christian Hoffmann
W3matter AskPert - SQL Injection via f[password] Parameter
SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
by TR-ShaRk
W3matter RevSense 1.0 - SQL Injection via f[password] Parameter
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
by d3b4g
Pre ASP Job Board - SQL Injection via Username or Password Parameter
SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information.
by R3d-D3V!L
Easyedit CMS - 'subcategory.php?intSubCategoryID' SQL Injection
by d3v1l
W3matter RevSense 1.0 - SQL Injection via f[password] Parameter
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
by TR-ShaRk
Alex Article-Engine 1.3.0 - 'FCKeditor' Arbitrary File Upload
by Batter
3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Vulnerabilities
by Adrian Pastor
Pluck 4.5.3 - Remote Code Execution via g_pcltar_lib_dir Parameter
Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter.
by DSecRG
Musicbox 2.3.6-2.3.7 - SQL Injection via viewalbums.php artistId Parameter
SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter.
by snakespc
Free Directory Script 1.1.1 - Remote Code Execution via API_HOME_DIR Parameter
PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the API_HOME_DIR parameter.
by Ghost Hacker
E-topbiz Link Back Checker 1 - Unauthenticated Authentication Bypass via Auth Cookie
E-topbiz Link Back Checker 1 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "admin."
by x0r
By Source