Text Exploits
31,394 exploits tracked across all sources.
Flat PHP Board <1.2 - Info Disclosure
Flat PHP Board 1.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials via a direct request for the username php file for any user account in users/.
by KiNgOfThEwOrLd
SH-News 3.0 - SQL Injection via id Parameter
SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by hadihadi
Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities
by KAWASHIMA Takahiro
Flat PHP Board <1.2 - Info Disclosure
index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.
by KiNgOfThEwOrLd
DWdirectory < 2.1 - SQL Injection via Search Parameter
SQL injection vulnerability in DWdirectory 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameter to the /search URI.
by t0pP8uZz
Content Injector 1.53 - SQL Injection
SQL injection vulnerability in index.php in Content Injector 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter in an expand action.
by S.W.A.T.
Ace Image Hosting Script - SQL Injection
SQL injection vulnerability in albums.php in Ace Image Hosting Script allows remote authenticated users to execute arbitrary SQL commands via the id parameter in editalbum mode.
by t0pP8uZz
PolDoc CMS 0.96 - Path Traversal via download_file.php filename Parameter
Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter.
by GoLd_M
Sergey Lyubka Simple HTTPD <1.38 - Path Traversal
Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI.
by Luigi Auriemma
Sergey Lyubka Simple HTTPD <1.38 - RCE
Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407.
by Luigi Auriemma
firefly media server (mt-daapd) 2.4.1 / svn 1699 - Multiple Vulnerabilities
by Luigi Auriemma
Easy File Sharing Web Server 1.3x/4.5 - Directory Traversal / Multiple Information Disclosure Vulnerabilities
by Luigi Auriemma
iptel serweb < 2.0.0dev1 - Remote Code Execution via _SERWEB[configdir] Parameter
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang.php, (2) _SERWEB[functionsdir] parameter to main_prepend.php, and the (3) _PHPLIB[libdir] parameter to load_phplib.php, different vectors than CVE-2007-3359 and CVE-2007-3358.
by GoLd_M
SERWeb <2.0.0 dev1 - Path Traversal
Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.
by GoLd_M
OpenNewsletter < 2.5 - Cross-Site Scripting via Compose.php Type Parameter
Cross-site scripting (XSS) vulnerability in compose.php in OpenNewsletter 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.
by Manu
Kayako SupportSuite 3.0.32 - 'PHP_SELF Trigger_Error' Function Cross-Site Scripting
by imei
MWOpen e-commerce 1.4 - SQL Injection via leggi_commenti.asp id Parameter
SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by KiNgOfThEwOrLd
SineCMS < 2.3.4 - SQL Injection via Calendar and Guestbook Parameters
Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to mods/Calendar/index.php, accessed through a Calendar info action to mods.php; the id parameter to admin/mods_adm.php in a (2) Guestbook modifica or (3) Calendar modify action; or the (4) mese or (5) anno parameter to admin/mods_adm.php in a Calendar action. NOTE: the component for vectors 2 through 5 might be limited to administrators.
by KiNgOfThEwOrLd
PictPress < 0.91 - Path Traversal via Size or Path Parameter
Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) size or (2) path parameter.
by GoLd_M
SineCMS < 2.3.4 - Cross-Site Scripting via Guestbook Username or Comment Field
Multiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username (user) or (2) comment (commento) field, different vectors than CVE-2007-2357.
by KiNgOfThEwOrLd
Joomla! 1.5 RC3 - SQL Injection via com_content or com_search Parameters
Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component.
by beenudel1986
Joomla! 1.5 RC3 - SQL Injection via com_content or com_search Parameters
Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component.
by beenudel1986
RSGallery <2.0 beta 5 - SQL Injection
SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an inline page action.
by K-159
By Source