Text Exploits
31,394 exploits tracked across all sources.
PozScripts Business Directory Script - SQL Injection
SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by Hussin X
Joomla com_rssreader 1.0 - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
by NoGe
Joomla! com_contactinfo 1.0 - SQL Injection
SQL injection vulnerability in the Contact Information Module (com_contactinfo) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
by boom3rang
Joomla com_marketplace 1.1.1 and 1.1.1-pl1 - SQL Injection via catid Parameter
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.
by TR-ShaRk
Joomla com_books - SQL Injection via book_id Parameter
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.
by boom3rang
Joomla! / Mambo Component com_catalogproduction - 'id' SQL Injection
by boom3rang
ajsquare aj_classifieds - Unauthenticated Authentication Bypass via Direct Admin Page Access
AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
by G4N0K
smcFanControl 2.1.2 - Local Privilege Escalation via Long -k Option
Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option.
by xwings
AJ Square AJ Auction - Unauthenticated Authentication Bypass via Direct Script Request
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote attackers to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mail.php, (4) fee_setting.php, (5) earnings.php, (6) insertion_fee_settings.php, (7) custom_category.php, (8) subcategory.php, (9) category.php, (10) report.php, (11) store_manager.php, and (12) choose_sell_format.php in admin/, and possibly other vectors.
by G4N0K
Collabtive 0.4.8 - Authenticated Remote Code Execution via Unrestricted File Upload
Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to (1) the showproject action in managefile.php or (2) the Messages feature.
by USH
Collabtive 0.4.8 - Unauthenticated Authentication Bypass and Privilege Escalation via Admin User Creation
Collabtive 0.4.8 allows remote attackers to bypass authentication and create new users, including administrators, via unspecified vectors associated with the added mode in a users action to admin.php.
by USH
Collabtive 0.4.8 - Stored Cross-Site Scripting in Project Name via manageproject.php
Cross-site scripting (XSS) vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via the project Name, which is not properly handled when the administrator performs an editform action, related to admin.php.
by USH
AJ Square Free Polling Script - Unauthenticated Authentication Bypass via Direct Request to admin/resetvote.php
AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
by G4N0K
AJ Square Free Polling Script - SQL Injection via ques Parameter
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter.
by G4N0K
FreshScripts Fresh Email Script 1.0-1.11 - Remote Code Execution via tmp_sid Parameter
PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter.
by Don
PHPStore Real Estate - Authenticated Arbitrary File Upload via Logo Image
Unrestricted file upload vulnerability in PHPStore Real Estate allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in realty/re_images/.
by ZoRLu
PHPStore Job Search - Authenticated Remote Code Execution via Resume Photo Upload
Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in jobseekers/jobseeker_profile_images.
by ZoRLu
PHPStore Complete Classifieds - Authenticated Arbitrary File Upload and Remote Code Execution via Logo Upload
Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in classifieds1/yellow_images/.
by ZoRLu
PHPStore Auto Classifieds - Authenticated Arbitrary File Upload via Logo Upload
Unrestricted file upload vulnerability in PHPStore Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in cars/cars_images/.
by ZoRLu
OTManager 2.4 - Remote Code Execution via Tipo Parameter
PHP remote file inclusion vulnerability in Admin/ADM_Pagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter.
by Colt7r
JooBlog 0.1.1 - SQL Injection via PostID Parameter
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
by boom3rang
FreshScripts Fresh Email Script 1.0-1.11 - Cross-Site Scripting via Email Parameter
Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session fixation attacks.
by Don
Sanusart Free Simple Guestbook PHP Script - Remote Code Execution via Message Parameter
Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is accessed. NOTE: some of these details are obtained from third party information.
by GoLd_M
Collabtive - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in Collabtive 0.4.8 allow remote attackers to hijack the authentication of administrators for requests that (1) submit or edit a new project, or (2) upload files to a project, or (3) attach files to messages via unknown vectors. NOTE: these issues can be leveraged with other vulnerabilities to create remote attack vectors that do not require authentication.
by USH
AJ Square Free Polling Script - Unauthenticated Authentication Bypass via Direct Request to newpoll.php
AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by G4N0K
By Source