Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-5280 EXPLOITDB text VERIFIED
Zilab Chat and Instant Messaging (ZIM) Server <2.2 - DoS
The Local ZIM Server in Zilab Chat and Instant Messaging (ZIM) Server 2.0 and 2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted requests without required parameters.
by Luigi Auriemma
CVE-2008-0943 EXPLOITDB text VERIFIED
Aeries Student Information System 3.7.2.2 - SQL Injection via FC Parameter or Term Parameter
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
by Arsalan Emamjomehkashan
CVE-2008-0943 EXPLOITDB text VERIFIED
Aeries Student Information System 3.7.2.2 - SQL Injection via FC Parameter or Term Parameter
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
by Arsalan Emamjomehkashan
CVE-2008-0881 EXPLOITDB text VERIFIED
PHP-Nuke Okul Module - SQL Injection via okulid Parameter
SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action.
by Mehmet Ince
CVE-2008-0907 EXPLOITDB text VERIFIED
PHP-Nuke Inhalt Module - SQL Injection via cid Parameter
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
by Crackers_Child
CVE-2008-0906 EXPLOITDB text VERIFIED
PHP-Nuke Docum Module - SQL Injection via artid Parameter
SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.
by DamaR
CVE-2008-0916 EXPLOITDB text VERIFIED
hwdVideoShare 1.1.3 Alpha - SQL Injection via cat_id Parameter
SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a viewcategory action to index.php.
by S@BUN
EIP-2026-108149 EXPLOITDB text VERIFIED
Joomla! / Mambo Component com_Joomlavvz - 'id' SQL Injection
by S@BUN
CVE-2008-0905 EXPLOITDB text VERIFIED
Globsy 1.0 - Path Traversal via File Parameter
Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by GoLd_M
CVE-2008-0912 EXPLOITDB text VERIFIED
Sybase MobiLink < 10.0.1.3629 - Remote Code Execution via Long Username, Version, or Remote ID
Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.
by Luigi Auriemma
CVE-2006-3598 EXPLOITDB text VERIFIED
PHP-Nuke Sections Module - SQL Injection via artid Parameter
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
by S@BUN
CVE-2008-1169 EXPLOITDB text VERIFIED
SCI Photo Chat Server <3.4.9 - Path Traversal
Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command.
by Luigi Auriemma
CVE-2008-0874 EXPLOITDB text VERIFIED
XOOPS eEmpregos Module - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
by S@BUN
CVE-2008-0873 EXPLOITDB text VERIFIED
jlmZone Classifieds - SQL Injection via cid Parameter in Adsview Action
SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action.
by S@BUN
EIP-2026-114452 EXPLOITDB text VERIFIED
XOOPS 'vacatures' Module - 'cid' SQL Injection
by S@BUN
EIP-2026-114451 EXPLOITDB text VERIFIED
XOOPS 'seminars' Module - 'id' SQL Injection
by S@BUN
EIP-2026-114450 EXPLOITDB text VERIFIED
XOOPS 'events' Module - 'id' SQL Injection
by S@BUN
EIP-2026-114449 EXPLOITDB text VERIFIED
XOOPS 'badliege' Module - 'id' SQL Injection
by S@BUN
CVE-2008-0872 EXPLOITDB text VERIFIED
SmarterTools SmarterMail Enterprise 4.3 - Stored Cross-Site Scripting via Email Subject STYLE Attribute
Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message.
by Juan Pablo Lopez Yacubian
CVE-2008-0878 EXPLOITDB text VERIFIED
RunCMS MyAnnonces 1.7 - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
by S@BUN
CVE-2008-0879 EXPLOITDB text VERIFIED
PHP-Nuke Web Links Module - SQL Injection via cid Parameter
SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
by S@BUN
EIP-2026-110893 EXPLOITDB text VERIFIED
PHP-Nuke Sections Module - 'artid' SQL Injection
by S@BUN
CVE-2008-0880 EXPLOITDB text VERIFIED
PHP-Nuke EasyContent Module - SQL Injection via page_id Parameter
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
by Mehmet Ince
EIP-2026-108674 EXPLOITDB text VERIFIED
Joomla! Component iJoomla! com_magazine - 'pageid' SQL Injection
by S@BUN
EIP-2026-108157 EXPLOITDB text VERIFIED
Joomla! / Mambo Component com_team - SQL Injection
by S@BUN