Exploitdb Exploits

31,353 exploits tracked across all sources.

CVE-2008-6184 EXPLOITDB text VERIFIED
OwnBiblio 1.5.3 - SQL Injection via catid Parameter
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.
by H!tm@N
EIP-2026-108395 EXPLOITDB text VERIFIED
Joomla! Component com_jeux - 'id' SQL Injection
by H!tm@N
EIP-2026-106779 EXPLOITDB text VERIFIED
EEB-CMS 0.95 - 'index.php' Cross-Site Scripting
by d3v1l
CVE-2008-4569 EXPLOITDB text VERIFIED
XIGLA Absolute Poll Manager XE 4.1 - SQL Injection via xlacomments.asp p Parameter
SQL injection vulnerability in xlacomments.asp in XIGLA Software Absolute Poll Manager XE 4.1 allows remote attackers to execute arbitrary SQL commands via the p parameter.
by Hakxer
CVE-2008-6181 EXPLOITDB text VERIFIED
com_mad4joomla < 1.1.8.2 - SQL Injection via jid Parameter
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
by H!tm@N
CVE-2008-6182 EXPLOITDB text VERIFIED
Joomla Ignitegallery - SQL Injection
SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php.
by H!tm@N
EIP-2026-106728 EXPLOITDB text VERIFIED
Easynet4u Link Host - 'cat_id' SQL Injection
by BeyazKurt
EIP-2026-106726 EXPLOITDB text VERIFIED
Easynet4u Forum Host - 'forum.php' SQL Injection
by SuB-ZeRo
EIP-2026-106725 EXPLOITDB text VERIFIED
Easynet4u faq Host - 'faq.php' SQL Injection
by SuB-ZeRo
EIP-2026-102625 EXPLOITDB text VERIFIED
KDE Konqueror 3.5.9 - JavaScript 'load' Denial of Service
by Jeremy Brown
EIP-2026-101058 EXPLOITDB text VERIFIED
Nokia Web Browser for S60 - Infinite Array Sort Denial of Service
by Luca Carettoni
EIP-2026-101053 EXPLOITDB text VERIFIED
Nokia Mini Map Browser - 'Array Sort' Silent Crash
by ikki
CVE-2008-4573 EXPLOITDB text VERIFIED
MunzurSoft Web Portal W3 - SQL Injection via kategori.asp kat Parameter
SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter.
by LUPUS
CVE-2008-4574 EXPLOITDB text VERIFIED
Ayco Okul Portali - SQL Injection via default.asp linkid Parameter
SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
by Crackers_Child
CVE-2008-6086 EXPLOITDB text VERIFIED
Camera Life 2.6.2b4 - SQL Injection
SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355.
by BackDoor
CVE-2008-6187 EXPLOITDB text VERIFIED
Gforge < 4.5.19 - SQL Injection via release_id Parameter
SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and earlier allows remote attackers to execute arbitrary SQL commands via the release_id parameter.
by beford
CVE-2008-6090 EXPLOITDB text VERIFIED
ScriptsEz Mini Hosting Panel - Path Traversal
Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action.
by JosS
CVE-2008-6089 EXPLOITDB text VERIFIED
ScriptsEz Easy Image Downloader - Path Traversal
Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action.
by JosS
CVE-2008-6088 EXPLOITDB text VERIFIED
com_joomtracker 1.01 - SQL Injection via id Parameter
SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php.
by rsauron
EIP-2026-107952 EXPLOITDB text VERIFIED
IranMC Arad Center - SQL Injection
by Hussin X
CVE-2008-6188 EXPLOITDB text VERIFIED
Gforge < 4.6rc1 - SQL Injection via skill_edit[] Parameter
SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_edit[] parameter.
by beford
CVE-2008-6189 EXPLOITDB text VERIFIED
GForge 4.5.19 - SQL Injection via Offset Parameter
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
by beford
CVE-2008-6087 EXPLOITDB text VERIFIED
Camera Life 2.6.2b4 - Cross-Site Scripting via Topic Name Parameter
Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
by BackDoor
CVE-2008-5869 EXPLOITDB text VERIFIED
Proxim Wireless Tsunami MP.11 2411 - XSS
Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID.
by Adrian Pastor
CVE-2008-6138 EXPLOITDB text VERIFIED
WebBiscuits Modules Controller < 1.1 - RCE
PHP remote file inclusion vulnerability in adminhead.php in WebBiscuits Modules Controller 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.
by GoLd_M