Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-5887 EXPLOITDB text VERIFIED
ASP Message Board 2.2.1c - SQL Injection
SQL injection vulnerability in boards/printer.asp in ASP Message Board 2.2.1c allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Q7x
CVE-2007-5842 EXPLOITDB text VERIFIED
Vortex Portal 1.0.42 - Remote Code Execution via cfgProgDir Parameter
Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter to (1) admincp/auth/secure.php or (2) admincp/auth/checklogin.php.
by ShAy6oOoN
CVE-2007-5840 EXPLOITDB text VERIFIED
SyndeoCMS 2.5.01 - Remote Code Execution via cmsdir Parameter
PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2.
by mdx
CVE-2007-5841 EXPLOITDB text VERIFIED
nuBoard 0.5 - Remote Code Execution
PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter.
by GoLd_M
CVE-2007-5844 EXPLOITDB text VERIFIED
GuppY 4.6.3 - Path Traversal and Remote File Inclusion via selskin Parameter
Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the selskin parameter to index.php. NOTE: this can be leveraged for remote file inclusion by including inc/boxleft.inc and specifying a URL in the xposbox[L][] array parameter.
by irk4z
CVE-2007-5843 EXPLOITDB text VERIFIED
scWiki 1.0 Beta 2 - Remote Code Execution via pathdot Parameter
PHP remote file inclusion vulnerability in includes/common.php in scWiki 1.0 Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the pathdot parameter.
by GoLd_M
CVE-2007-2304 EXPLOITDB text VERIFIED
qdblog < 0.4 - Directory Traversal via Theme Parameter
Multiple directory traversal vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to categories.php and other unspecified files.
by GoLd_M
CVE-2007-5915 EXPLOITDB text VERIFIED
phphelpdesk <0.6.16 - Path Traversal
Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the whattodo parameter.
by joseph.giron13
CVE-2007-5845 EXPLOITDB text VERIFIED
GuppY <4.6.3, 4.5.16 - Path Traversal
Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc.
by irk4z
CVE-2007-5822 EXPLOITDB text VERIFIED
Ben Ng Scribe <0.2 - Code Injection
Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to inject arbitrary PHP code into a certain file in regged/ via the username parameter in a Register action, possibly related to the register function in forumfunctions.php.
by KiNgOfThEwOrLd
CVE-2007-5365 EXPLOITDB text VERIFIED
Debian Linux - Memory Corruption
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
by RoMaNSoFt
CVE-2007-5802 EXPLOITDB text VERIFIED
Firewolf Technologies Synergiser <1.2 RC1 - Path Traversal
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration.
by KiNgOfThEwOrLd
CVE-2007-5823 EXPLOITDB text VERIFIED
Ben Ng Scribe <0.2 - Path Traversal
Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action.
by KiNgOfThEwOrLd
CVE-2007-5952 EXPLOITDB text VERIFIED
Helios Calendar 1.2.1 Beta - Cross-Site Scripting via Username Parameter
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Ivan Sanchez
CVE-2007-5821 EXPLOITDB text VERIFIED
DM Guestbook <0.4.1 - Path Traversal
Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_new.php; or (2) the lngdefault parameter to auto/ch_lng.php.
by GoLd_M
CVE-2007-5820 EXPLOITDB text VERIFIED
Ax Developer CMS 0.1.1 - Remote File Inclusion via Module Parameter Path Traversal
Directory traversal vulnerability in index.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
by GoLd_M
CVE-2008-5010 EXPLOITDB text VERIFIED
OpenSolaris < snv_103 - Denial of Service via DHCP Request Handling
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805.
by RoMaNSoFt
CVE-2007-5795 EXPLOITDB text VERIFIED
Emacs < 22.1 - Unauthenticated Variable Manipulation via Local Variables Declaration
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
by Drake Wilson
CVE-2007-5815 EXPLOITDB text VERIFIED
SonicWall SSL-VPN <2.1-2.5 - Path Traversal
Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method.
by Will Dormann
CVE-2007-5800 EXPLOITDB text VERIFIED
BackUpWordPress < 0.4.2b - Remote Code Execution via bkpwp_plugin_path Parameter
Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4) Reader.php, and other unspecified scripts under plugins/BackUp/Archive/.
by S.W.A.T.
CVE-2007-5802 EXPLOITDB text VERIFIED
Firewolf Technologies Synergiser <1.2 RC1 - Path Traversal
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration.
by KiNgOfThEwOrLd
CVE-2007-5816 EXPLOITDB text VERIFIED
CONTENTCustomizer <3.1mp - Info Disclosure
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page.
by d3hydr8
CVE-2007-5812 EXPLOITDB text VERIFIED
ModuleBuilder 1.0 - Path Traversal via File Parameter
Directory traversal vulnerability in modules/Builder/DownloadModule.php in ModuleBuilder 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
by GoLd_M
CVE-2007-5813 EXPLOITDB text VERIFIED
ISPworker 1.21 - Path Traversal via TicketID or Filename Parameter
Multiple directory traversal vulnerabilities in download.php in ISPworker 1.21 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ticketid and (2) filename parameters.
by GoLd_M
CVE-2007-5837 EXPLOITDB text VERIFIED
yarssr 0.2.2 - Remote Code Execution via Shell Metacharacters in Feed Link Element
GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed.
by Duncan Gilmore