Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-5210 EXPLOITDB text VERIFIED
PhpBlock A8.5 - Remote Code Execution via PATH_TO_CODE Parameter
Multiple PHP remote file inclusion vulnerabilities in PhpBlock A8.5 allow remote attackers to execute arbitrary PHP code via a URL in the PATH_TO_CODE parameter to (1) script/init/createallimagecache.php, (2) allincludefortick.php and (3) test.php in script/tick/, and (4) modules/dungeon/tick/allincludefortick.php, different vectors than CVE-2008-1776.
by CraCkEr
CVE-2008-6648 EXPLOITDB text VERIFIED
Ktools PhotoStore 3.4.3 and 3.5.2 - SQL Injection via gid Parameter
SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647.
by DNX
EIP-2026-110408 EXPLOITDB text VERIFIED
OtherLogic - 'vocourse.php' SQL Injection
by Breeeeh
CVE-2008-6649 EXPLOITDB text VERIFIED
Ktools PhotoStore <= 3.5.2 - SQL Injection via id Parameter
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by DNX
CVE-2008-6631 EXPLOITDB text VERIFIED
BlogPHP 2.0 - Cross-Site Scripting via User Parameter in Sendmessage Action and Username Parameter in Registration
Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter in a sendmessage action and the (2) username parameter when registering a new user, different vectors than CVE-2008-0679.
by David Sopas Ferreira
CVE-2008-2529 EXPLOITDB text VERIFIED
Advanced Links Management 1.5.2 - SQL Injection via catId Parameter
SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter.
by His0k4
CVE-2008-6647 EXPLOITDB text VERIFIED
Ktools PhotoStore 3.4.3 - SQL Injection via Gallery gid Parameter
SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
by Mr.SQL
CVE-2008-2534 EXPLOITDB text VERIFIED
Phoenix View CMS Pre Alpha2 and earlier - Path Traversal via ltarget Parameter
Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ltarget parameter.
by tw8
CVE-2008-2533 EXPLOITDB text VERIFIED
Phoenix View CMS Pre Alpha2 and earlier - Cross-Site Scripting via ltarget and conf Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ltarget parameter to (a) admin/admin_frame.php and the (2) conf parameter to (b) gbuch.admin.php, (c) links.admin.php, (d) menue.admin.php, (e) news.admin.php, and (f) todo.admin.php in admin/module/.
by tw8
EIP-2026-114224 EXPLOITDB text VERIFIED
WordPress Plugin WP Photo Album - 'photo' SQL Injection
by THE_MILLER
CVE-2008-2535 EXPLOITDB text VERIFIED
Phoenix View CMS Pre Alpha2 and earlier - SQL Injection via del Parameter
Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/.
by tw8
CVE-2008-6649 EXPLOITDB text VERIFIED
Ktools PhotoStore <= 3.5.2 - SQL Injection via id Parameter
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Mr.SQL
CVE-2008-2537 EXPLOITDB text VERIFIED
HispaH Model Search - SQL Injection via cat Parameter
SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter.
by InjEctOr5
CVE-2008-2070 EXPLOITDB text VERIFIED
cPanel 11.15.0-11.18.3 and 11.22-11.22.2 - Cross-Site Scripting via Malformed HTML Tags
The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter to scripts2/knowlegebase, (2) user parameter to scripts2/changeip, (3) search parameter to scripts2/listaccts, and other unspecified vectors.
by Matteo Carli
CVE-2008-2070 EXPLOITDB text VERIFIED
cPanel 11.15.0-11.18.3 and 11.22-11.22.2 - Cross-Site Scripting via Malformed HTML Tags
The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter to scripts2/knowlegebase, (2) user parameter to scripts2/changeip, (3) search parameter to scripts2/listaccts, and other unspecified vectors.
by Matteo Carli
CVE-2008-2070 EXPLOITDB text VERIFIED
cPanel 11.15.0-11.18.3 and 11.22-11.22.2 - Cross-Site Scripting via Malformed HTML Tags
The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter to scripts2/knowlegebase, (2) user parameter to scripts2/changeip, (3) search parameter to scripts2/listaccts, and other unspecified vectors.
by Matteo Carli
CVE-2008-5209 EXPLOITDB text VERIFIED
Admidio 1.4.8 - Path Traversal via File Parameter in get_file.php
Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by n3v3rh00d
CVE-2008-2138 EXPLOITDB text VERIFIED
Oracle Application Server Portal 10g - Unauthenticated Directory Traversal via Trailing %0A
Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access restrictions and read the contents of /dav_portal/portal/ by sending a request containing a trailing "%0A" (encoded line feed), then using the session ID that is generated from that request. NOTE: as of 20080512, Oracle has not commented on the accuracy of this report.
by Deniz Cevik
CVE-2008-2168 EXPLOITDB text VERIFIED
Apache HTTP Server <= 2.2.6 - Cross-Site Scripting via UTF-7 Encoded URLs
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
by Yaniv Miron
CVE-2008-2224 EXPLOITDB text VERIFIED
SazCart 1.5.1 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _saz[settings][site_dir] parameter to layouts/default/header.saz.php and the (2) _saz[settings][site_url] parameter to admin/alayouts/default/pages/login.php.
by RoMaNcYxHaCkEr
CVE-2008-6650 EXPLOITDB text VERIFIED
miniBloggie 1.0 - Unauthenticated Arbitrary Post Deletion via post_id Parameter
del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.
by Cod3rZ
CVE-2008-2228 EXPLOITDB text VERIFIED
Cyberfolio 7.12 - Remote Code Execution via rep Parameter
PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyberfolio 7.12, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep parameter.
by RoMaNcYxHaCkEr
CVE-2008-2167 EXPLOITDB text VERIFIED
ZyXEL ZyWALL 100 - Cross-Site Scripting via Referer Header
Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page.
by Deniz Cevik
CVE-2008-2162 EXPLOITDB text VERIFIED
SonicWall Email Security 6.1.1 - Cross-Site Scripting via Host Header
Cross-site scripting (XSS) vulnerability in SonicWall Email Security 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the Host header in a request to a non-existent web page, which is not properly sanitized in an error page.
by Deniz Cevik
CVE-2008-2123 EXPLOITDB text VERIFIED
SAP Internet Transaction Server 6.20 - Cross-Site Scripting via WGate ~service Parameter
Cross-site scripting (XSS) vulnerability in WGate in SAP Internet Transaction Server (ITS) 6.20 allows remote attackers to inject arbitrary web script or HTML via (1) a "<>" sequence in the ~service parameter to wgate.dll, or (2) Javascript splicing in the query string, a different vector than CVE-2006-5114.
by Portcullis