Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-5620 EXPLOITDB text VERIFIED
ZZ:FlashChat < 3.1 - Path Traversal via Help File Parameter
Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashChat 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter.
by d3hydr8
CVE-2007-5649 EXPLOITDB text VERIFIED
SocketMail 2.2.1 - Cross-Site Scripting via lostpwd.php lost_id Parameter
Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lost_id parameter.
by Ivan Sanchez
CVE-2007-5647 EXPLOITDB text VERIFIED
SocketKB 1.1.5 - Cross-Site Scripting via art_id or node Parameter
Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI.
by Ivan Sanchez
CVE-2007-5648 EXPLOITDB text VERIFIED
rNote 0.9.7.5 - Cross-Site Scripting via d or u Parameter
Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter.
by RoMaNcYxHaCkEr
CVE-2007-5633 EXPLOITDB text VERIFIED
Alfredo Milani Comparetti SpeedFan <4.33 - Privilege Escalation
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR 0x9C402438 and (2) IOCTL_WRMSR 0x9C40243C IOCTLs to \Device\speedfan, as demonstrated by an IOCTL_WRMSR action on MSR_LSTAR.
by Ruben Santamarta
CVE-2007-5587 EXPLOITDB text VERIFIED
Macrovision SafeDisc < 4.3.86.0 - Local Privilege Escalation via METHOD_NEITHER IOCTL Buffer Overflow
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.
by Elia Florio
CVE-2007-5694 EXPLOITDB text VERIFIED
SiteBar 3.3.8 - Authenticated Path Traversal via Translation Module Dir Parameter
Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491.
by Robert Buchholz
CVE-2007-5692 EXPLOITDB text VERIFIED
SiteBar 3.3.8 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
by Robert Buchholz
CVE-2007-5692 EXPLOITDB text VERIFIED
SiteBar 3.3.8 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
by Robert Buchholz
CVE-2007-5692 EXPLOITDB text VERIFIED
SiteBar 3.3.8 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
by Robert Buchholz
CVE-2007-5693 EXPLOITDB text VERIFIED
SiteBar 3.3.8 - Authenticated PHP Code Injection via Translation Module
Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492.
by Robert Buchholz
CVE-2007-5592 EXPLOITDB text VERIFIED
awzMB 4.2 beta 1 - Remote Code Execution via Setting[OPT_includepath] Parameter
Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Setting[OPT_includepath] parameter to (1) adminhelp.php; and (2) admin.incl.php, (3) reg.incl.php, (4) help.incl.php, (5) gbook.incl.php, and (6) core/core.incl.php in modules/.
by S.W.A.T.
CVE-2007-5190 EXPLOITDB text VERIFIED
Alcatel OmniVista < 4760_r4.2 - Cross-Site Scripting via Action or Langue Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/Webclient.php or (2) the Langue parameter to the default URI.
by Miguel Angel
CVE-2007-5589 EXPLOITDB text VERIFIED
phpMyAdmin < 2.11.1.2 - Cross-Site Scripting via PHP_SELF and PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.
by Omer Singer
CVE-2007-5574 EXPLOITDB text VERIFIED
phpdj 0.5 - Remote Code Execution via djpage.php page Parameter
PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
by GoLd_M
CVE-2007-5573 EXPLOITDB text VERIFIED
LimeSurvey < 1.5.2 - Remote Code Execution via rootdir Parameter
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter.
by S.W.A.T.
CVE-2007-5489 EXPLOITDB text VERIFIED
Artmedic CMS <= 3.4 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
by iNs
CVE-2007-5490 EXPLOITDB text VERIFIED
Okul Otomasyon Portal 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by dumenci
CVE-2007-5600 EXPLOITDB text VERIFIED
Artmedic CMS < 3.4 - Remote Code Execution via Page Parameter URL Scheme Bypass
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.
by iNs
CVE-2007-5465 EXPLOITDB text VERIFIED
doop_cms < 1.3.7 - Path Traversal via Page Parameter
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component.
by vladii
CVE-2007-5480 EXPLOITDB text VERIFIED
InnovaShop - Cross-Site Scripting via msg Parameter and contentid Parameter
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
by JosS
CVE-2007-5480 EXPLOITDB text VERIFIED
InnovaShop - Cross-Site Scripting via msg Parameter and contentid Parameter
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
by JosS
CVE-2007-5478 EXPLOITDB text VERIFIED
Nabh Stringbeans Portal 3.2 - Cross-Site Scripting via Project Name Parameter
Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbeans Portal (sbportal) 3.2 allows remote attackers to inject arbitrary web script or HTML via the project_name parameter.
by JosS
CVE-2007-5562 EXPLOITDB text VERIFIED
Netgear SSL312 - Cross-Site Scripting via err Parameter in Login Page
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page.
by SkyOut
CVE-2007-5455 EXPLOITDB text VERIFIED
WWWISIS 7.1 - Cross-Site Scripting via IsisScript lang or exprSearch Parameter
Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter.
by JosS