Exploitdb Exploits
31,353 exploits tracked across all sources.
asiCMS alpha 0.208 - Remote Code Execution via _ENV[asicms][path] Parameter
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8) MemcachedStore.php, (9) Message.php, (10) Nonce.php, (11) SQLStore.php, (12) SReg.php, (13) TrustRoot.php, and (14) URINorm.php in classes/Auth/OpenID/; and (15) XRDS.php, (16) XRI.php and (17) XRIRes.php in classes/Auth/Yadis/.
by NoGe
KDE Konqueror 3.5.9 - Denial of Service via Long HTML Color Attribute
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514.
by Jeremy Brown
Fastpublish CMS 1.9.9.9.9 d - SQL Injection via Sprache or Artikel Parameter
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
by ~!Dok_tOR!~
FastStone Image Viewer 3.6 - Denial of Service via Malformed BMP Image
FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CVE-2007-1942.
by suN8Hclf
AyeView 2.20 - Denial of Service via Malformed Bitmap File
AyeView 2.20 allows user-assisted attackers to cause a denial of service (memory consumption or application crash) via a bitmap (aka .bmp) file with large height and width values.
by suN8Hclf
phpabook < 0.8.8b - Remote File Inclusion via UserInfo Cookie
Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the userInfo cookie.
by JosS
PHP-Fusion Mod triscoop_race_system - 'raceid' SQL Injection
by boom3rang
PHP-Fusion Recepies Module 1.1 - SQL Injection via kat_id Parameter
SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information.
by boom3rang
World of Warcraft tracker infusion module 2.0 - SQL Injection via INFO_RAID_ID Parameter
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
by boom3rang
PHP-Fusion Mod manuals - 'manual' SQL Injection
by boom3rang
FOSS Gallery 1.0 beta - Unauthenticated Arbitrary File Upload via processFiles.php
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the root directory.
by Pepelux
Fastpublish CMS 1.9999 d - Path Traversal via Target Parameter
Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php.
by ~!Dok_tOR!~
VeriSign Kontiki Delivery Management System <= 5.0 - Cross-Site Scripting via Action Parameter
Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery Management System (DMS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to zodiac/servlet/zodiac.
by Mazin Faour
AyeView 2.20 - Denial of Service via Malformed GIF Header
AyeView 2.20 allows user-assisted attackers to cause a denial of service (application crash) via a GIF file with a malformed header.
by suN8Hclf
Phlatline Personal Information Manager 1.01 - Path Traversal via Notes.php ID Parameter
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
by JosS
JMweb MP3 Music Audio Search and Download Script - Path Traversal via src Parameter
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
by SirGod
XAMPP for Windows 1.6.8 - 'cds.php' SQL Injection
by Jaykishan Nirmal
Serv-U File Server 7.0.0.1-7.3 - Authenticated Path Traversal via RNTO Command
Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.
by dmnt
RhinoSoft Serv-U FTP Server 7.2.0.1 - 'rnto' Directory Traversal
by dmnt
VirusBlokAda VBA32 Personal Antivirus <3.12.8.x - DoS
The scanning engine in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x allows remote attackers to cause a denial of service (memory corruption and application crash) via a malformed RAR archive.
by LiquidWorm
Serv-U 7.0.0.1-7.3 - Authenticated Denial of Service via STOU Command
Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".
by dmnt
Kwalbum < 2.0.2 - Authenticated Arbitrary File Upload and Remote Code Execution via Executable File Extension
Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information.
by CWH Underground
Full PHP Emlak Script - SQL Injection
SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942.
by Hussin X
By Source