Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-4979 EXPLOITDB text VERIFIED
KwsPHP 1.0 - SQL Injection via Sondages Module id Parameter
SQL injection vulnerability in index.php in the sondages module in KwsPHP 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a results action, a different module than CVE-2007-4956.2.
by Houssamix
CVE-2007-4962 EXPLOITDB text VERIFIED
WinImage 8.10 and earlier - Path Traversal and Arbitrary File Write via Filename in .IMG or .ISO File
Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder.
by j00ru//vx
CVE-2007-4964 EXPLOITDB text VERIFIED
WinImage <= 8.10 - Denial of Service via Invalid BPB_BytsPerSec Field
WinImage 8.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via an invalid BPB_BytsPerSec field in the header of a .IMG file.
by j00ru//vx
CVE-2007-4925 EXPLOITDB text VERIFIED
eWire Payment Client 1.60 and 1.70 - Remote Command Execution via PaymentInfo Parameter
The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment Client (ePC) 1.60 and 1.70 allows remote attackers to execute arbitrary commands via shell metacharacters in the paymentinfo parameter to simplePHPLinux/3payment_receive.php.
by anonymous
CVE-2007-4977 EXPLOITDB text VERIFIED
Coppermine Photo Gallery - Cross-Site Scripting via Referer Parameter
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter.
by L4teral
CVE-2007-4976 EXPLOITDB text VERIFIED
Coppermine Photo Gallery - Authenticated Path Traversal via viewlog.php log Parameter
Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
by L4teral
CVE-2007-4975 EXPLOITDB text VERIFIED
b1gmail 6.3.1 - Cross-Site Scripting via Chapter Parameter
Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 allows remote attackers to inject arbitrary web script or HTML via the chapter parameter.
by malibu.r
CVE-2007-3010 EXPLOITDB CRITICAL text VERIFIED
Alcatel OmniPCX Enterprise < 7.1 - Remote Command Execution via Unified Maintenance Tool
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
by RedTeam Pentesting GmbH
CVSS 9.8
CVE-2007-4953 EXPLOITDB text VERIFIED
SimpCMS - SQL Injection via Search Keyword Parameter
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action.
by Cold Zero
CVE-2007-4954 EXPLOITDB text VERIFIED
joom12pic_component - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic (com_joom12pic) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
by Morgan
CVE-2007-4955 EXPLOITDB text VERIFIED
Joomla Flash Fun! Component - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in the Flash Fun! (com_joomlaflashfun) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
by Morgan
CVE-2007-4957 EXPLOITDB text VERIFIED
Chupix CMS 0.2.3 - Path Traversal and Arbitrary File Write via Download.php Parameters
Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter.
by GoLd_M
CVE-2007-4916 EXPLOITDB text VERIFIED
HP Photo and Imaging Gallery - Heap-Based Buffer Overflow via Long First Argument
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.
by Jonathan Sarba
CVE-2007-4934 EXPLOITDB text VERIFIED
phpFFL 1.24 - Remote Code Execution via PHPFFL_FILE_ROOT Parameter
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) program_files/livedraft/livedraft.php or (2) program_files/livedraft/admin.php.
by Dj7xpl
CVE-2007-4917 EXPLOITDB text VERIFIED
php-stats 0.1.9.2 - Cross-Site Scripting via IP Parameter in tracking.php
Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the ip parameter in an online action, a different vector than CVE-2007-4334.
CVE-2007-4921 EXPLOITDB text VERIFIED
Ajax File Browser 3 Beta - Remote Code Execution via approot Parameter
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attackers to execute arbitrary PHP code via a URL in the approot parameter.
by arfis project
CVE-2007-4930 EXPLOITDB text VERIFIED
AXIS 207W Network Camera - Cross-Site Request Forgery via Admin Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
by Seth Fogie
CVE-2007-4930 EXPLOITDB text VERIFIED
AXIS 207W Network Camera - Cross-Site Request Forgery via Admin Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
by Seth Fogie
CVE-2007-4930 EXPLOITDB text VERIFIED
AXIS 207W Network Camera - Cross-Site Request Forgery via Admin Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
by Seth Fogie
CVE-2007-4922 EXPLOITDB text VERIFIED
jeuxflash_module 1.0 - Authenticated SQL Injection via id Parameter
SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information.
by Houssamix
CVE-2007-4923 EXPLOITDB text VERIFIED
Joomla Radio 5 - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in the Joomla Radio 5 (com_joomlaradiov5) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
by Morgan
CVE-2007-4966 EXPLOITDB text VERIFIED
GForge < 4.6_b2 - SQL Injection via skill_delete[] Parameter
SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_delete[] parameter.
by Sumit Siddharth
CVE-2007-4892 EXPLOITDB text VERIFIED
Plesk 7.6.1, 8.1.0, 8.1.1, 8.2.0 - SQL Injection via PLESKSESSID Cookie
Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows allow remote attackers to execute arbitrary SQL commands via a PLESKSESSID cookie to (1) login.php3 or (2) auth.php3.
by Nick I Merritt
CVE-2007-4937 EXPLOITDB text VERIFIED
CS Guestbook - Unauthenticated Sensitive Information Exposure via Direct Request
CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.
by Cr@zy_King
CVE-2007-4899 EXPLOITDB text VERIFIED
Boinc Forum < 5.10.20 - Cross-Site Scripting via Forum ID or Search String Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to forum_forum.php, or the search_string parameter to forum_text_search_action.php in a (2) titles or (3) bodies search.
by Doz