Text Exploits
31,394 exploits tracked across all sources.
PlugSpace 0.1 - Path Traversal via Navi Parameter
Directory traversal vulnerability in index.php in PlugSpace 0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the navi parameter.
by dun
PHP-Lance 1.52 - SQL Injection via show.php catid Parameter
SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
by InjEctOr5
MyCard 1.0.2 - SQL Injection via Gallery.php ID Parameter
SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by r45c4l
Membership Script - Multiple Cross-Site Scripting Vulnerabilities
by Ghost Hacker
Lyrics Script - Cross-Site Scripting via Search Results k Parameter
Cross-site scripting (XSS) vulnerability in search_results.php in buymyscripts Lyrics Script allows remote attackers to inject arbitrary web script or HTML via the k parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Ghost Hacker
LnBlog < 0.9.0 - Path Traversal via Plugin Parameter
Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter.
by dun
Joovili < 3.0 - SQL Injection via id Parameter
SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php.
by ~!Dok_tOR!~
E-Uploader Pro 1.0 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php.
by ~!Dok_tOR!~
CoAST 0.95 - Remote Code Execution via sections_file Parameter
PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.
by DaRkLiFe
Ed Pudol Clickbank Portal - Cross-Site Scripting via Search Box
Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol Clickbank Portal allows remote attackers to inject arbitrary web script or HTML via the search box. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Ghost Hacker
Camera Life 2.6.2b4 - Authenticated Arbitrary File Upload via Image Upload Component
Unrestricted file upload vulnerability in the image upload component in Camera Life 2.6.2b4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a user directory under images/photos/upload.
by Mi4night
ASPapp Knowledge Base - 'CatId' SQL Injection (2)
by Crackers_Child
WhoDomLite 1.1.3 - Cross-Site Scripting via dom Parameter
Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the dom parameter.
by Ghost Hacker
Check Point ZoneAlarm 8.0.020.000 - Denial of Service via Crafted HTTP Proxy Response
TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response.
by quakerdoomer
Windows XP SP3 - Denial of Service via Crafted .ico File
gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly handle crafted .ico files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a certain crash.ico file on a web site, and allows user-assisted attackers to cause a denial of service (divide-by-zero error and persistent application crash) via this crash.ico file on the desktop, a different vulnerability than CVE-2007-2237.
by laurent gaffié
Ultimate Webboard 3.00 - SQL Injection via Category Parameter
SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter.
by CWH Underground
Arz Development The Gemini Portal <= 4.7 - Unauthenticated Authentication Bypass via Cookie Manipulation
admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."
by Pepelux
The Gemini Portal 4.7 - Remote Code Execution via Lang Parameter File Inclusion
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php.
by ZoRLu
RPG.Board <= 0.8 Beta2 - SQL Injection via showtopic Parameter
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter.
by 0x90
Panuwat PromoteWeb MySQL - SQL Injection via go.php id Parameter
SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
by CWH Underground
openengine 2.0 beta2 - Remote Code Execution via oe_classpath Parameter
PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector than CVE-2008-4329.
by Crackers_Child
Libra File Manager <= 1.18 - Unauthenticated Authentication Bypass via Cookie Manipulation
Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1.
by Stack
esqlanelapse 2.6.1-2.6.2 - Unauthenticated Authentication Bypass via Cookie Manipulation
Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies.
by ZoRLu
Crux Gallery <= 1.32 - Unauthenticated Privilege Escalation via Name Parameter
main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php.
by Pepelux
barcodegen 2.0.0 - 'class_dir' Remote File Inclusion
by Br0k3n H34rT
By Source