Text Exploits
31,394 exploits tracked across all sources.
Sun Java System Identity Manager 6.0 SP1-SP3, 7.0, 7.1 - Frame Injection via helpUrl Parameter
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."
by Jan Fry & Adrian Pastor
Sun Java System Identity Manager 6.0 SP1-SP3, 7.0, 7.1 - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/account/findForSelect.jsp, or (3) activeControl parameter to /idm/user/main.jsp.
by Jan Fry & Adrian Pastor
Zero CMS 1.0 Alpha - SQL Injection via id f or t Parameter
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php.
by KiNgOfThEwOrLd
EvilBoard 0.1a - SQL Injection via c Parameter
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter.
by seaofglass
Zero CMS 1.0 Alpha and earlier - Unauthenticated Arbitrary File Upload via Avatar Content-Type Bypass
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
by KiNgOfThEwOrLd
Sys-Hotel on Line System - Path Traversal via Encoded File Parameter
Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter.
by p4imi0
Merak IceWarp Mail Server - Cross-Site Scripting via Admin Index Message Parameter
Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Ekin0x
EvilBoard 0.1a - Cross-Site Scripting via Index.php c Parameter
Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter.
by seaofglass
OneCMS < 2.4 - SQL Injection via Username or User Parameter
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
by BugReport.IR
ekinboard < 1.1.0 - Unauthenticated Privilege Escalation via _groups Parameter
EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
by Eugene Minaev
TUTOS 1.3 - Remote Code Execution via cmd.php cmd Parameter
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
by Houssamix
Ensoniq PCI 1371 - Privilege Escalation
CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer.
by Ruben Santamarta
TUTOS 1.3 - Information Exposure via phpinfo.php
TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
by Houssamix
Strawberry 1.1.1 - 'html.php' Remote Code Execution
by Eugene Minaev
OneCMS < 2.4 - Unauthenticated Arbitrary File Upload and Remote Code Execution via a_upload.php
Unrestricted file upload vulnerability in the add2 action in a_upload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to execute arbitrary code by uploading a file with an executable extension and using a safe content type such as image/gif, then accessing it via a direct request to the file in an unspecified directory.
by BugReport.IR
eticket 1.5.5.2 - Cross-Site Scripting via s Parameter
Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
by L4teral
eTicket 1.5.5.2 - Authenticated SQL Injection via search.php and admin.php Parameters
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
by L4teral
eTicket 1.5.5.2 - Authenticated SQL Injection via search.php and admin.php Parameters
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
by L4teral
ekinboard < 1.1.0 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Avatar File Extension Bypass
Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/.
by Eugene Minaev
Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities
by Doz
PortalApp 4.0 - SQL Injection via forums.asp sortby Parameter
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
by r3dm0v3
PortalApp 4.0 - Cross-Site Scripting via Keywords Parameter
Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.
by r3dm0v3
NetRisk 1.9.7 - SQL Injection via PID Parameter
SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php).
by Virangar Security
Uebimiau Webmail 2.7.10 and 2.7.2 - Authenticated Path Traversal via Selected Theme Parameter
Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172.
by Eugene Minaev
XOOPS mod_gallery - Remote File Inclusion via GALLERY_BASEDIR Parameter
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
by Eugene Minaev
By Source