Text Exploits
31,394 exploits tracked across all sources.
K+B-Bestellsystem - Command Injection
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
by Zero X
NetAuctionHelp 4.1 - 'nsearch' SQL Injection
by Aria-Security Team
TalkBack 2.2.7 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_file parameter to (a) comments-display-tpl.php and (b) addons/separate-comments-mod/my-comments-display-tpl.php and the (2) config[comments_form_tpl] parameter to comments-display-tpl.php.
by NoGe
AlstraSoft E-Friends <4.98 - SQL Injection
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewevent action.
by K-159
GWExtranet - Multiple Directory Traversal Vulnerabilities
by joseph.giron13
VU Mass Mailer - SQL Injection via Login Page Password Parameter
SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitrary SQL commands via the password parameter to Default.asp (aka the Login Page). NOTE: some of these details are obtained from third party information.
by Aria-Security Team
VUNET Case Manager 3.4 - 'default.asp' SQL Injection
by The-0utl4w
E-vanced Solutions E-vents 5.0 - Multiple Input Validation Vulnerabilities
by joseph.giron13
bcoos 1.0.10 - Path Traversal and Arbitrary File Execution via xoopsOption[pagetype] Parameter
Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsOption[pagetype] parameter to the default URI for modules/news/. NOTE: this can be leveraged by using legitimate product functionality to upload a file that contains the code, then including that file.
by BugReport.IR
SkyPortal RC6 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action.
by BugReport.IR
bcoos 1.0.10 and 1.0.13 - SQL Injection via bid Parameter
SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected.
by BugReport.IR
Mail in Apple Mac OS X Leopard (10.5.1) - RCE
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
by heise Security
ISPsystem ISPmanager <4.2.15.1 - Privilege Escalation
The responder program in ISPsystem ISPmanager (aka ISPmgr) 4.2.15.1 allows local users to gain privileges via shell metacharacters in command line arguments.
by Andrew Christensen
JUser 1.0.14 - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
by NoGe
Rigs of Rods <0.33d SP1 - Buffer Overflow
Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.
by Luigi Auriemma
I Hear U < 0.5.6 - Denial of Service via Malformed Packet Handling
I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp.
by Luigi Auriemma
LIVE555 Media Server <2007.11.01 - DoS
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation.
by Luigi Auriemma
Citrix NetScaler 8.0 build 47.8 - Cross-Site Scripting via Standalone Parameter
Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in Citrix NetScaler 8.0 build 47.8 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter and other unspecified parameters.
by nnposter
Click&BaneX - 'Details.asp' SQL Injection
by Aria-Security Team
VigileCMS 1.4 - Path Traversal via Module Parameter
Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.
by DevilAuron
VigileCMS 1.4 - Cross-Site Scripting via Message Field in vedipm or live_chat Module
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.
by DevilAuron
VigileCMS 1.4 - Cross-Site Request Forgery via changepass Module
Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module.
by DevilAuron
HotScripts Clone Script - SQL Injection
SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
by t0pP8uZz
phpbbviet < 02.03.07 - Remote Code Execution via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Mehmet Ince
mebiblio 0.4.5 - Remote Code Execution via Index.php Action Parameter
PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.
by ShAy6oOoN
By Source