Text Exploits
31,394 exploits tracked across all sources.
Larson Network Print Server < 9.4.2 - Remote Code Execution via Long LICENSE Command
Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier allows remote attackers to execute arbitrary code via a long argument in a LICENSE command on TCP port 3114.
by Luigi Auriemma
Virtual War 1.5 - SQL Injection via Calendar Month Parameter
SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter.
by Pouya_Server
Rapid-Source Rapid-Recipe Component - Multiple SQL Injections
by breaker_unit
Joomla! / Mambo Component com_comments 0.5.8.5g - 'id' SQL Injection
by CheebaHawk215
RPM Remote Print Manager 4.5.1 - Service Remote Buffer Overflow
by Luigi Auriemma
cyanPrintIP and Opium4 OPI Server < 4.10.1030 - Remote Code Execution via Format String in LPD Queue Name
Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
by Luigi Auriemma
cyan soft cyanPrintIP and Opium OPI Server - Denial of Service via LPD Command 3 or 4
The LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; allows remote attackers to cause a denial of service (daemon crash) via a connection that begins with (1) a "Send queue state" LPD command 3 or (2) a "Send queue state" LPD command 4.
by Luigi Auriemma
F5 BIG-IP 9.4.3 - Cross-Site Request Forgery via Web Management Console
Web Management Console Cross-site request forgery (CSRF) vulnerability in the web management console in F5 BIG-IP 9.4.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrators and execute shell commands, as demonstrated using tmui/Control/form.
by nnposter
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
by GoLd_M
PK-Designs PKs Movie Database 3.0.3 - Cross-Site Scripting / SQL Injection
by Houssamix
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
by GoLd_M
iTechBids Gold 6.0 - SQL Injection via detail.php item_id Parameter
SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
by SoSo H H
ExtremeZ-IP File and Print Server < 5.1.2 - Denial of Service via SLP Packet Length Mismatch
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.
by Luigi Auriemma
PK-Designs PKs Movie Database 3.0.3 - '/index.php' SQL Injection / Cross-Site Scripting
by Houssamix
Phil Taylor Comments < 0.5.8.5g - SQL Injection via id Parameter
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
by CheebaHawk215
DomPHP 0.82 - Path Traversal via Page Parameter
Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
by Houssamix
Apache Tomcat 4.1.0-4.1.35, 5.5.0-5.5.25, 6.0.0-6.0.14 - Session ID Exposure via Cookie Handling
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
by John Kew
jetAudio Basic < 7.0.5 - Stack-based Buffer Overflow via Long URL in ASX File
Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
by laurent gaffié
serendipity_event_freetag < 2.96 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
by Alexander Brachmann
PowerScripts PowerNews 2.5.6 - Path Traversal via Subpage Parameter
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. (dot dot) in the (1) subpage parameter in (a) categories.inc.php, (b) news.inc.php, (c) other.inc.php, (d) permissions.inc.php, (e) templates.inc.php, and (f) users.inc.php in pnadmin/; and (2) the page parameter to (g) pnadmin/index.php. NOTE: vector 2 is only exploitable by administrators.
by DSecRG
Level Platforms Managed Workplace Service Center 4.x-6.x - Information Exposure via Direct Request to About/SC_About.htm
Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x and 6.x allows remote attackers to obtain sensitive information via a direct request to About/SC_About.htm, which provides version and patch information.
by Brook Powers
com_gallery - SQL Injection via id Parameter
SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
by S@BUN
Joovili < 2.1 - Remote Code Execution via members_help.php hlp Parameter
PHP remote file inclusion vulnerability in members_help.php in Joovili 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the hlp parameter.
by Cr@zy_King
Joomla com_neogallery 1.1 - SQL Injection via catid Parameter
SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action.
by S@BUN
Calimero.CMS 3.3 - Cross-Site Scripting via id Parameter in calimero_webpage Action
Cross-site scripting (XSS) vulnerability in index.php in Calimero.CMS 3.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a calimero_webpage action.
by Psiczn
By Source