Text Exploits
31,394 exploits tracked across all sources.
ZZ:FlashChat < 3.1 - Path Traversal via Help File Parameter
Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashChat 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter.
by d3hydr8
SocketMail 2.2.1 - Cross-Site Scripting via lostpwd.php lost_id Parameter
Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lost_id parameter.
by Ivan Sanchez
SocketKB 1.1.5 - Cross-Site Scripting via art_id or node Parameter
Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI.
by Ivan Sanchez
rNote 0.9.7.5 - Cross-Site Scripting via d or u Parameter
Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter.
by RoMaNcYxHaCkEr
Alfredo Milani Comparetti SpeedFan <4.33 - Privilege Escalation
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR 0x9C402438 and (2) IOCTL_WRMSR 0x9C40243C IOCTLs to \Device\speedfan, as demonstrated by an IOCTL_WRMSR action on MSR_LSTAR.
by Ruben Santamarta
Macrovision SafeDisc < 4.3.86.0 - Local Privilege Escalation via METHOD_NEITHER IOCTL Buffer Overflow
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.
by Elia Florio
SiteBar 3.3.8 - Authenticated Path Traversal via Translation Module Dir Parameter
Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491.
by Robert Buchholz
SiteBar 3.3.8 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
by Robert Buchholz
SiteBar 3.3.8 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
by Robert Buchholz
SiteBar 3.3.8 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
by Robert Buchholz
SiteBar 3.3.8 - Authenticated PHP Code Injection via Translation Module
Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492.
by Robert Buchholz
awzMB 4.2 beta 1 - Remote Code Execution via Setting[OPT_includepath] Parameter
Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Setting[OPT_includepath] parameter to (1) adminhelp.php; and (2) admin.incl.php, (3) reg.incl.php, (4) help.incl.php, (5) gbook.incl.php, and (6) core/core.incl.php in modules/.
by S.W.A.T.
Alcatel OmniVista < 4760_r4.2 - Cross-Site Scripting via Action or Langue Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/Webclient.php or (2) the Langue parameter to the default URI.
by Miguel Angel
phpMyAdmin < 2.11.1.2 - Cross-Site Scripting via PHP_SELF and PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.
by Omer Singer
phpdj 0.5 - Remote Code Execution via djpage.php page Parameter
PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
by GoLd_M
LimeSurvey < 1.5.2 - Remote Code Execution via rootdir Parameter
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter.
by S.W.A.T.
Artmedic CMS <= 3.4 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
by iNs
Okul Otomasyon Portal 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by dumenci
Artmedic CMS < 3.4 - Remote Code Execution via Page Parameter URL Scheme Bypass
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.
by iNs
doop_cms < 1.3.7 - Path Traversal via Page Parameter
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component.
by vladii
InnovaShop - Cross-Site Scripting via msg Parameter and contentid Parameter
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
by JosS
InnovaShop - Cross-Site Scripting via msg Parameter and contentid Parameter
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
by JosS
Nabh Stringbeans Portal 3.2 - Cross-Site Scripting via Project Name Parameter
Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbeans Portal (sbportal) 3.2 allows remote attackers to inject arbitrary web script or HTML via the project_name parameter.
by JosS
Netgear SSL312 - Cross-Site Scripting via err Parameter in Login Page
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page.
by SkyOut
WWWISIS 7.1 - Cross-Site Scripting via IsisScript lang or exprSearch Parameter
Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter.
by JosS
By Source