Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-0240 EXPLOITDB text VERIFIED
Sun Java System Identity Manager 6.0 SP1-SP3, 7.0, 7.1 - Frame Injection via helpUrl Parameter
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."
by Jan Fry & Adrian Pastor
CVE-2008-0239 EXPLOITDB text VERIFIED
Sun Java System Identity Manager 6.0 SP1-SP3, 7.0, 7.1 - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/account/findForSelect.jsp, or (3) activeControl parameter to /idm/user/main.jsp.
by Jan Fry & Adrian Pastor
CVE-2008-0232 EXPLOITDB text VERIFIED
Zero CMS 1.0 Alpha - SQL Injection via id f or t Parameter
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php.
by KiNgOfThEwOrLd
CVE-2008-0154 EXPLOITDB text VERIFIED
EvilBoard 0.1a - SQL Injection via c Parameter
SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter.
by seaofglass
CVE-2008-0233 EXPLOITDB text VERIFIED
Zero CMS 1.0 Alpha and earlier - Unauthenticated Arbitrary File Upload via Avatar Content-Type Bypass
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
by KiNgOfThEwOrLd
CVE-2008-0184 EXPLOITDB text VERIFIED
Sys-Hotel on Line System - Path Traversal via Encoded File Parameter
Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter.
by p4imi0
CVE-2008-0218 EXPLOITDB text VERIFIED
Merak IceWarp Mail Server - Cross-Site Scripting via Admin Index Message Parameter
Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Ekin0x
CVE-2008-0155 EXPLOITDB text VERIFIED
EvilBoard 0.1a - Cross-Site Scripting via Index.php c Parameter
Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter.
by seaofglass
CVE-2008-7208 EXPLOITDB text VERIFIED
OneCMS < 2.4 - SQL Injection via Username or User Parameter
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
by BugReport.IR
CVE-2008-7156 EXPLOITDB text VERIFIED
ekinboard < 1.1.0 - Unauthenticated Privilege Escalation via _groups Parameter
EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
by Eugene Minaev
CVE-2008-0148 EXPLOITDB text VERIFIED
TUTOS 1.3 - Remote Code Execution via cmd.php cmd Parameter
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
by Houssamix
CVE-2008-7211 EXPLOITDB text
Ensoniq PCI 1371 - Privilege Escalation
CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer.
by Ruben Santamarta
CVE-2008-0149 EXPLOITDB text VERIFIED
TUTOS 1.3 - Information Exposure via phpinfo.php
TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
by Houssamix
EIP-2026-112446 EXPLOITDB text VERIFIED
Strawberry 1.1.1 - 'html.php' Remote Code Execution
by Eugene Minaev
CVE-2008-7209 EXPLOITDB text VERIFIED
OneCMS < 2.4 - Unauthenticated Arbitrary File Upload and Remote Code Execution via a_upload.php
Unrestricted file upload vulnerability in the add2 action in a_upload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to execute arbitrary code by uploading a file with an executable extension and using a safe content type such as image/gif, then accessing it via a direct request to the file in an unspecified directory.
by BugReport.IR
CVE-2008-0268 EXPLOITDB text VERIFIED
eticket 1.5.5.2 - Cross-Site Scripting via s Parameter
Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
by L4teral
CVE-2008-0267 EXPLOITDB text VERIFIED
eTicket 1.5.5.2 - Authenticated SQL Injection via search.php and admin.php Parameters
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
by L4teral
CVE-2008-0267 EXPLOITDB text VERIFIED
eTicket 1.5.5.2 - Authenticated SQL Injection via search.php and admin.php Parameters
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
by L4teral
CVE-2008-7157 EXPLOITDB text VERIFIED
ekinboard < 1.1.0 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Avatar File Extension Bypass
Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/.
by Eugene Minaev
EIP-2026-100565 EXPLOITDB text VERIFIED
Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities
by Doz
CVE-2008-4613 EXPLOITDB text VERIFIED
PortalApp 4.0 - SQL Injection via forums.asp sortby Parameter
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
by r3dm0v3
CVE-2008-4612 EXPLOITDB text VERIFIED
PortalApp 4.0 - Cross-Site Scripting via Keywords Parameter
Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.
by r3dm0v3
CVE-2008-0185 EXPLOITDB text VERIFIED
NetRisk 1.9.7 - SQL Injection via PID Parameter
SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php).
by Virangar Security
CVE-2008-0140 EXPLOITDB text VERIFIED
Uebimiau Webmail 2.7.10 and 2.7.2 - Authenticated Path Traversal via Selected Theme Parameter
Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172.
by Eugene Minaev
CVE-2008-0138 EXPLOITDB text VERIFIED
XOOPS mod_gallery - Remote File Inclusion via GALLERY_BASEDIR Parameter
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
by Eugene Minaev