Text Exploits
31,394 exploits tracked across all sources.
Vim - OS Command Injection via Netrw Plugin Filename Handling
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.
by Jan Minar
ContentNow CMS 1.4.1 - Cross-Site Scripting via pageid Parameter or PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.
by CWH Underground
Xpoze Pro 3.06 - SQL Injection via uid Parameter
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
by HIva Team
ContentNow CMS 1.4.1 - Authenticated Arbitrary File Upload via upload.php
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
by CWH Underground
Kasseler CMS 1.3.0 - Path Traversal via File Parameter
Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module.
by Cr@zy_King
Kasseler CMS 1.3.0 and 1.3.1 Lite - Cross-Site Scripting via Files Module cid Parameter
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
by Cr@zy_King
Panda ActiveScan <1.02.00 - Buffer Overflow
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
by Karol Wiesek
Panda ActiveScan < 1.02.00 - Remote Code Execution via ActiveX Update Method
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
by Karol Wiesek
gmitc com_dbquery < 1.4.1.1 - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to classes/DBQ/admin/common.class.php.
by SsEs
1024 CMS 1.4.4 - Multiple Local/Remote File Inclusions
by DSecRG
phpWebNews 0.2 MySQL Edition - SQL Injection via id_kat Parameter
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
by storm
phpWebNews 0.2 - SQL Injection via bukutamu.php det Parameter
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
by Virangar Security
xchangeboard < 1.70 - Authenticated SQL Injection via newThread.php boardID Parameter
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.
by haZl0oh
brightcode_weblinks_module - SQL Injection via catid Parameter
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
by His0k4
Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections
by H-T Team
CMS little 0.0.1 - Path Traversal via Template Parameter
Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter.
by CWH Underground
QNX Momentics < 6.3.2 - Local Privilege Escalation via Long .pal Filename
Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.
by Filipe Balestra
VanGogh Web CMS 0.9 - SQL Injection via article_ID Parameter
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
by CWH Underground
OneClick CMS 2008-01-24 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by CWH Underground
plx Ad Trader 3.2 - SQL Injection via adid Parameter
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
by Hussin X
Simple PHP Agenda <= 2.2.4 - Remote File Inclusion via Page Parameter
Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
by StAkeR
com_versioning 1.0.2 - SQL Injection via id Parameter
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
by DarkMatter Crew
Joomla! Component mygallery - 'cid' SQL Injection
by Houssamix
EfesTECH Shop 2.0 - SQL Injection via cat_id Parameter
SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action.
by Kacak
By Source