Text Exploits
31,394 exploits tracked across all sources.
EntertainmentScript 1.4.0 - SQL Injection via play.php id Parameter
SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Mr.SQL
cPanel < 11.8.6 and < 11.23.1 - Authenticated Remote Code Execution via Email Address Field
scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel.
by Ali Jasbi
bcoos 1.0.9-1.0.13 - Path Traversal via File Parameter
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
by Lostmon
TAGWORX.CMS 3.00.02 - SQL Injection via cid or nid Parameter
Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
by dun
gnugallery < 1.1.1.0 - Path Traversal via show Parameter
Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter.
by t0pP8uZz
CMS WebManager-Pro - SQL Injection via lang_id or menu_id Parameters
Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters.
by dun
AlkalinePHP < 0.77.35 - Unauthenticated Admin Account Creation via Direct Request to adduser.php
AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php.
by t0pP8uZz
WR-Meeting 1.0 - Path Traversal via msnum Parameter
Directory traversal vulnerability in index.php in WR-Meeting 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the msnum parameter in a coment event.
by Cr@zy_King
PHP-Nuke 'KuiraniKerim' Module - 'sid' SQL Injection
by Lovebug
How2ASP.net Webboard 4.1 - SQL Injection via qNo Parameter
SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter.
by CWH Underground
Zomplog 3.8.2 - 'force_download.php' File Disclosure
by Stack
DigitalHive 2.0 RC2 - Path Traversal via Page Parameter
Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
by ZoRLu
AN Guestbook 0.4 - Cross-Site Scripting via send_email.php postid Parameter
Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.
by ZoRLu
ACGV News 0.9.1 - SQL Injection via glossaire.php id Parameter
SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by ZoRLu
ACGV News 0.9.1 - Cross-Site Scripting via glossaire.php id Parameter
Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by ZoRLu
News Manager 2.0 - Path Traversal via Attachments.php ID Parameter
Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
by GoLd_M
News Manager 2.0 - Remote Code Execution via ch_readalso.php read_xml_include Parameter
PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the read_xml_include parameter.
by GoLd_M
News Manager 2.0 - SQL Injection via lang or pid Parameter
Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php.
by GoLd_M
Web Slider 0.6 - Unauthenticated Privilege Escalation via Admin Cookie
Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by setting the admin cookie to 1.
by t0pP8uZz
Rantx - Unauthenticated Authentication Bypass via logininfo Cookie
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "<?php" or "?>", which is present in the password file and probably passes an insufficient comparison.
by t0pP8uZz
News Manager 2.0 - Information Disclosure via Direct Request
News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php.
by GoLd_M
Tpvgames Mpcs - Access Control
admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1.
by t0pP8uZz
By Source