Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-6515 EXPLOITDB text VERIFIED
SiteScape Forum - Remote Code Execution via TCL Code Separator in Query String
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
by niekt0
CVE-2007-6514 EXPLOITDB text VERIFIED
Apache HTTP Server - Info Disclosure
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
by Maciej Piotr Falkiewicz
CVE-2007-6506 EXPLOITDB text VERIFIED
HP Software Update <4.000.005.007 - RCE
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
by porkythepig
CVE-2007-6508 EXPLOITDB text VERIFIED
xeCMS 1.0 - Path Traversal via List Parameter
Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F (dot dot slash) in the list parameter.
by p4imi0
CVE-2006-5521 EXPLOITDB text VERIFIED
Net_DNS < 0.03 - Remote File Inclusion via phpdns_basedir Parameter
PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
by RoMaNcYxHaCkEr
CVE-2007-6475 EXPLOITDB text VERIFIED
GF-3XPLORER 2.4 - Remote File Inclusion via Lang_sel Parameter
Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and (2) thumber.php.
by MhZ91
CVE-2007-6474 EXPLOITDB text VERIFIED
GF-3XPLORER 2.4 - Cross-Site Scripting via newdir Parameter
Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vectors.
by MhZ91
CVE-2007-6493 EXPLOITDB text VERIFIED
imesh < 7.1.0.37263 - Remote Code Execution via SetHandler Method
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.
by rgod
CVE-2007-6472 EXPLOITDB text VERIFIED
phpMyRealty 1.0.9 - SQL Injection via Search Type Parameter
Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 allow (1) remote attackers to execute arbitrary SQL commands via the type parameter to search.php and (2) remote authenticated administrators to execute arbitrary SQL commands via the listing_updated_days parameter to admin/findlistings.php. NOTE: some of these details are obtained from third party information.
by Koller
CVE-2007-6668 EXPLOITDB text VERIFIED
MySpace Content Zone <3.x - Unrestricted File Upload
admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not require administrative privileges, which allows remote attackers to perform unrestricted file uploads, as demonstrated by uploading (1) a .php file and (2) a .php%00.jpeg file.
by Don
CVE-2007-6455 EXPLOITDB text VERIFIED
Mambo 4.6.2 - Cross-Site Scripting via Itemid or Option Parameter
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
by Beenu Arora
CVE-2007-6476 EXPLOITDB text VERIFIED
GF-3XPLORER 2.4 - Exposure of Sensitive Information via phpinfo.php
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
by MhZ91
CVE-2007-6479 EXPLOITDB text VERIFIED
Dokeos 1.8.4 - Authenticated Arbitrary File Upload via Double Extension Bypass
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI under main/upload/users/.
by RoMaNcYxHaCkEr
CVE-2007-6244 EXPLOITDB text VERIFIED
Adobe Flash Player <9.0.48.0,8.0.35.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.
by Rich Cannings
CVE-2007-6244 EXPLOITDB text VERIFIED
Adobe Flash Player <9.0.48.0,8.0.35.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.
by Adam Barth
CVE-2007-6702 EXPLOITDB text VERIFIED
GoAhead Web Server - Info Disclosure
goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka rooter) VDSL device contains a password in the typepassword field, which allows remote attackers to obtain this password by reading the HTML source, a different vulnerability than CVE-2002-1603.
by NeoCoderz
EIP-2026-110757 EXPLOITDB text VERIFIED
PHP Security Framework - Multiple Input Validation Vulnerabilities
by DarkFig
EIP-2026-109899 EXPLOITDB text VERIFIED
Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
by hadihadi & black.shadowes
CVE-2007-6509 EXPLOITDB text VERIFIED
Appian Enterprise BPM <5.6 SP1 - DoS
Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp.
by Chris Castaldo
CVE-2007-6454 EXPLOITDB text VERIFIED
PeerCast < 0.1217 - Heap-Based Buffer Overflow via Long SOURCE Request
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
by Luigi Auriemma
EIP-2026-100438 EXPLOITDB text VERIFIED
MOJO IWms 7 - 'default.asp' Cookie Manipulation
by cp77fk4r
EIP-2026-113499 EXPLOITDB text VERIFIED
WordPress Core 2.3.1 - Unauthorized Post Access
by Michael Brooks
CVE-2007-6470 EXPLOITDB text VERIFIED
phpRPG 0.8 - Session Hijacking via Insecure Session File Storage
phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies.
by Michael Brooks
CVE-2007-6471 EXPLOITDB text VERIFIED
phpay 2.02.01 - Path Traversal via Config Parameter
Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a ..\ (dot dot backslash) in the config parameter.
by Michael Brooks
CVE-2007-6462 EXPLOITDB text VERIFIED
PHP Real Estate Classifieds - SQL Injection
SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter.
by t0pP8uZz