Exploitdb Exploits
31,353 exploits tracked across all sources.
Pritlog < 0.4 - Unauthenticated Path Traversal via Filename Parameter
Directory traversal vulnerability in index.php in Pritlog 0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a viewEntry action.
by Pepelux
Micronation Banking System <1.5.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow remote attackers to execute arbitrary PHP code via a URL in the minsoft_path parameter to (1) utdb_access.php and (2) utgn_message.php in utility/.
by DaRkLiFe
QuidaScript FAQ Management Script - SQL Injection via catid Parameter
SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter.
by Hussin X
efront < 3.5.1 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Avatar Upload
Unrestricted file upload vulnerability in filesystem3.class.php in eFront 3.5.1 build 2710 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in (1) student/avatars/ or (2) professor/avatars/.
by Pepelux
QuidaScript BookMarks Favourites Script - SQL Injection
SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Hussin X
a4desk Flash Event Calendar - Remote Code Execution via index.php v Parameter
PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the v parameter.
by Lo$er
MySQL - Cross-Site Scripting via HTML Output with --html Option
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
by Thomas Henlich
Xen 3.0.3 - Denial of Service via Xenstore Directory Tree Write Access
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen.
by Pascal Bouchareine
WordPress MU < 2.6 - Cross-Site Scripting via s or ip_address Parameter
Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) before 2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters.
by Juan Galiana Lara
PHP Jabbers Post Comment 3.0 - Unauthenticated Administrative Access via PostCommentsAdmin Cookie
PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
by Crackers_Child
PHPJabbers Post Comments 3.0 - Cookie Authentication Bypass
by Crackers_Child
PG Matchmaking - SQL Injection via id Parameter
SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php.
by Super Cristal
Events Calendar 1.1 - Remote Code Execution via path[docroot] or component Parameter
PHP remote file inclusion vulnerability in panel/common/theme/default/header_setup.php in WebBiscuits Software Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the (1) path[docroot] and (2) component parameters.
by k3vin mitnick
CAcert - Cross-Site Scripting via X.509 Certificate CommonName Field
Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other versions before 20080928, allows remote attackers to inject arbitrary web script or HTML via the CN (CommonName) field in the subject of an X.509 certificate.
by Alexander Klink
ArabCMS 2.0 beta 1 - Path Traversal via RSS Parameter
Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the rss parameter.
by JIKO
Wireshark 0.99.7-1.0.3 - Denial of Service via Malformed Tamos CommView Capture File
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.
by Shinnok
Windows XP - Denial of Service via Crafted ZIP File
Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file.
by fl0 fl0w
ZEELYRICS 2.0 - SQL Injection via bannerclick.php adid Parameter
SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
by Hussin X
Pro Chat Rooms 3.0.3 - SQL Injection via gud Parameter
SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php.
by ~!Dok_tOR!~
Pilot Group eTraining - SQL Injection via News Read ID Parameter
SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter.
by S.W.A.T.
Freshlinks 1.0 RC1 module for PHP-Fusion - SQL Injection via linkid Parameter
SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
by boom3rang
Joomla com_imagebrowser 0.1.5 - Path Traversal via Folder Parameter
Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
by Cr@zy_King
bbzl.php 0.92 - Unauthenticated Authentication Bypass via phorum_admin_session Cookie
BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.
by Stack
BbZL.PhP 0.92 - Path Traversal via lien_2 Parameter
Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows remote attackers to access unauthorized directories via a .. (dot dot) in the lien_2 parameter.
by JIKO
By Source