Exploitdb Exploits
31,353 exploits tracked across all sources.
Pro Desk Support Center 1.0 and 1.2 - Path Traversal via Include File Parameter
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
by d3v1l
Onguma Time Sheet 2.0 4b - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
by NoGe
firmCHANNEL Digital Signage 3.24 - Cross-Site Scripting via Account Module Action Parameter
Cross-site scripting (XSS) vulnerability in the account module in firmCHANNEL Digital Signage 3.24, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
by Brad Antoniewicz
dhcart - Cross-Site Scripting via order.php domain and d1 Parameters
Cross-site scripting (XSS) vulnerability in order.php in DHCart allows remote attackers to inject arbitrary web script or HTML via the (1) domain and (2) d1 parameters.
by Lostmon
CMS-School 2005 - 'showarticle.php' SQL Injection
by Cyber-Zone
OpenSymphony XWork 2.0.x < 2.0.6 and 2.1.x < 2.1.2 - Remote Code Execution via OGNL Context Object Reference
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
by Meder Kydyraliev
Apache Struts 2.0.0-2.0.11 and 2.1.0-2.1.2 - Path Traversal via Encoded Dot-Dot-Slash in URI
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
by Csaba Barta
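Both the XWork entry (the \u0023 form of #) and the Struts entry (the ..%252f form of ../) are the same mistake: a denylist applied to the raw input before the consumer decodes it. The following Python is an added illustration written for this page, not code from Struts, XWork or either exploit; the parameter names, the /struts root and the sample URIs are constructed for the demo. It shows the single-decode check each bug relied on beside a check that canonicalizes first.

```python
"""Validate after canonicalization: why ..%252f and \\u0023 slipped past denylists."""
import posixpath
from urllib.parse import unquote


def decode_fully(value: str, max_rounds: int = 5) -> str:
    """Percent-decode until the value stops changing (bounded so hostile input cannot loop)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return value


def naive_static_path_ok(uri: str) -> bool:
    """One decode, then a substring denylist: the shape of check ..%252f walks through."""
    return "../" not in unquote(uri)


def canonical_static_path_ok(uri: str, root: str = "/struts") -> bool:
    """Decode to a fixpoint, normalize, then require the result to stay under root."""
    path = posixpath.normpath(decode_fully(uri))
    return path == root or path.startswith(root + "/")


def naive_param_name_ok(name: str) -> bool:
    """Reject '#' on the raw parameter name only: the shape of check \\u0023 walks through."""
    return "#" not in name


def canonical_param_name_ok(name: str) -> bool:
    """Unescape the name the way an expression parser would, then apply the same rule."""
    try:
        unescaped = name.encode("latin-1").decode("unicode_escape")
    except (UnicodeEncodeError, UnicodeDecodeError):
        return False  # anything we cannot canonicalize is rejected, not passed through
    return "#" not in name and "#" not in unescaped


if __name__ == "__main__":
    # Constructed samples modelled on the two advisories above.
    traversal = "/struts/..%252f..%252fWEB-INF/web.xml"
    context_ref = "\\u0023_memberAccess"
    print("naive path check  :", naive_static_path_ok(traversal))       # True  (bypassed)
    print("canonical path    :", canonical_static_path_ok(traversal))   # False (blocked)
    print("naive name check  :", naive_param_name_ok(context_ref))      # True  (bypassed)
    print("canonical name    :", canonical_param_name_ok(context_ref))  # False (blocked)
```

The fixed-round loop in decode_fully matters: a single extra unquote would still be fooled by a triple-encoded %25252f, while an unbounded loop is a denial-of-service handle. Normalizing and then checking the prefix, rather than searching for a pattern, is what makes the path check independent of how many encodings the attacker stacked.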
MatPo Link 1.2 Beta - SQL Injection via id Parameter
SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Hakxer
Acc Real Estate 4.0 - Authentication Bypass via username_cookie
admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie to "admin."
by Hakxer
Acc Autos 4.0 - Authentication Bypass via Cookie Manipulation
Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username_cookie to "admin," (2) right_cookie to "1," and (3) id_cookie to "1."
by x0r
Dragan Mitic Apoll 0.7 beta and 0.7.5 - SQL Injection via User Parameter
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL commands via the user parameter.
by ZoRLu
pppBLOG <= 0.3.8 - Directory Traversal via File Array Parameter
Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].
by JosS
MatPo Link 1.2 Beta - SQL Injection via id Parameter
SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
by ZoRLu
MatPo Link 1.2 Beta - Cross-Site Scripting via Thema Parameter
Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter.
by Hakxer
BosDev BosClassifieds - SQL Injection via cat_id Parameter
SQL injection vulnerability in index.php in BosDev BosClassifieds allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2008-1838.
by ZoRLu
Dragan Mitic Apoll 0.7 beta and 0.7.5 - SQL Injection via Admin Index Pass Parameter
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL commands via the pass parameter.
by ZoRLu
Acc Statistics 1.1 - Authentication Bypass via username_cookie
admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin."
by Hakxer
Acc PHP eMail 1.1 - Authentication Bypass via NEWSLETTERLOGIN Cookie
Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin".
by Hakxer
Acc Statistics 1.1 - Authentication Bypass via username_cookie
admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin."
by x0r
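The Acc Real Estate, Acc Autos, Acc Statistics and Acc PHP eMail entries above share one root cause: the application reads a plain cookie (username_cookie, right_cookie, id_cookie, NEWSLETTERLOGIN) and treats its value as proof of who the client is. The Python below is an added example for this page, not code from any Acc product or from the exploits; the cookie names come from the entries, while the session token layout, the secret and the sample headers are constructed for the demo. It contrasts that check with a server-minted, HMAC-tagged session cookie that a client cannot forge or tamper with.

```python
"""Client-controlled cookies as the only authentication signal, beside a signed session cookie."""
import hashlib
import hmac

# Assumption: loaded from server-side config in a real deployment; constructed here for the demo.
SERVER_SECRET = b"constructed-demo-secret-do-not-reuse"


def parse_cookie_header(header: str) -> dict:
    """Minimal Cookie: header parser for 'name=value; name=value' pairs."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            cookies[name] = value
    return cookies


def vulnerable_is_admin(cookie_header: str) -> bool:
    """The pattern in the Acc entries: the client-supplied value is the whole check."""
    cookies = parse_cookie_header(cookie_header)
    return cookies.get("username_cookie") == "admin"


def issue_session(username: str, role: str) -> str:
    """Server mints the cookie; the HMAC tag binds username and role to SERVER_SECRET.

    Assumption for the demo: usernames and roles do not contain the '|' separator.
    """
    payload = f"{username}|{role}"
    tag = hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def hardened_is_admin(cookie_header: str) -> bool:
    """Grant a role only if the tag verifies; username_cookie and friends are never consulted."""
    token = parse_cookie_header(cookie_header).get("session", "")
    parts = token.split("|")
    if len(parts) != 3:
        return False
    username, role, tag = parts
    expected = hmac.new(SERVER_SECRET, f"{username}|{role}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):  # constant-time compare, no early exit on mismatch
        return False
    return role == "admin"


if __name__ == "__main__":
    # Constructed request headers: the first is what the Acc Autos exploit sends.
    forged = "username_cookie=admin; right_cookie=1; id_cookie=1"
    print("vulnerable check on forged cookies:", vulnerable_is_admin(forged))  # True
    print("hardened check on forged cookies  :", hardened_is_admin(forged))    # False
    legit = "session=" + issue_session("alice", "admin")
    print("hardened check on minted session  :", hardened_is_admin(legit))     # True
    tampered = "session=" + issue_session("bob", "user").replace("|user|", "|admin|")
    print("hardened check on tampered role   :", hardened_is_admin(tampered))  # False
```

The point of the tag is not secrecy of the username or role (both are visible in the cookie) but integrity: changing the role field, or inventing a token from scratch, produces a tag the server will not accept. A server-side session store keyed by a random identifier achieves the same property without putting any claim in the cookie at all, and is the more common fix in PHP applications of this kind.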
lynx < 2.8.6rel.4 - Local Code Execution via Malicious .mailcap or mime.types Files in the Current Working Directory
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
by Piotr Engelking
Apartment Search Script - Unauthenticated Arbitrary File Upload via editimage.php GIF Header Bypass
Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/.
by ZoRLu
NetRisk <= 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
by StAkeR
YourFreeWorld Shopping Cart Script - SQL Injection via index.php c Parameter
SQL injection vulnerability in index.php in YourFreeWorld Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the c parameter.
by Hussin X
YourFreeWorld Downline Builder - SQL Injection via tr.php id Parameter
SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Hussin X