Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-3813 EXPLOITDB text VERIFIED
mkportal noboard_module - Remote File Inclusion via MK_PATH Parameter
PHP remote file inclusion vulnerability in include/user.php in the NoBoard BETA module for MKPortal allows remote attackers to execute arbitrary PHP code via a URL in the MK_PATH parameter.
by g00ns
CVE-2007-3811 EXPLOITDB text VERIFIED
eSyndiCat - SQL Injection via News ID or Page Name Parameter
Multiple SQL injection vulnerabilities in eSyndiCat allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php or (2) the name parameter to page.php.
by d3v1l
CVE-2007-3812 EXPLOITDB text VERIFIED
CMScout < 1.23 - SQL Injection via forums.php f Parameter
SQL injection vulnerability in forums.php in CMScout 1.23 and earlier allows remote attackers to execute arbitrary SQL commands via the f parameter in a forums action to index.php.
by g00ns
CVE-2007-3822 EXPLOITDB text VERIFIED
Webcit < 7.10 - Cross-Site Scripting via Multiple Input Vectors
Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names.
by Christopher Schwardt
CVE-2007-4359 EXPLOITDB text VERIFIED
SkilMatch Staffing Systems JobLister3 - SQL Injection
Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
by joseph.giron13
CVE-2007-3792 EXPLOITDB text VERIFIED
AzDG Dating Gold 3.0.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
by mostafa_ragab
CVE-2007-3792 EXPLOITDB text VERIFIED
AzDG Dating Gold 3.0.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
by mostafa_ragab
CVE-2007-3792 EXPLOITDB text VERIFIED
AzDG Dating Gold 3.0.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
by mostafa_ragab
CVE-2007-3017 EXPLOITDB text VERIFIED
activeWeb contentserver <5.6.2964 - XSS
The WYSIWYG editor applet in activeWeb contentserver CMS before 5.6.2964 only filters malicious tags from articles sent to admin/applets/wysiwyg/rendereditor.asp, which allows remote authenticated users to inject arbitrary JavaScript via a request to admin/worklist/worklist_edit.asp.
by RedTeam Pentesting
CVE-2007-3014 EXPLOITDB text VERIFIED
activeWeb contentserver < 5.6.2964 - Cross-Site Scripting via msg Parameter or MIME Type
Multiple cross-site scripting (XSS) vulnerabilities in activeWeb contentserver before 5.6.2964 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) errors/rights.asp or (2) errors/transaction.asp, or (3) the name of a MIME type (mimetype).
by RedTeam Pentesting
CVE-2007-3014 EXPLOITDB text VERIFIED
activeWeb contentserver < 5.6.2964 - Cross-Site Scripting via msg Parameter or MIME Type
Multiple cross-site scripting (XSS) vulnerabilities in activeWeb contentserver before 5.6.2964 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) errors/rights.asp or (2) errors/transaction.asp, or (3) the name of a MIME type (mimetype).
by RedTeam Pentesting
CVE-2007-3013 EXPLOITDB text VERIFIED
activeWeb contentserver < 5.6.2964 - Authenticated SQL Injection via id Parameter
SQL injection vulnerability in activeWeb contentserver before 5.6.2964 allows remote authenticated users with edit permission to execute arbitrary SQL commands via the id parameter to admin/picture/picture_real_edit.asp, and probably other unspecified vectors.
by RedTeam Pentesting
CVE-2007-3673 EXPLOITDB text VERIFIED
Symantec symtdi.sys <7.0.0 - Privilege Escalation
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.
by Zohiartze Herce
CVE-2007-3772 EXPLOITDB text VERIFIED
PsNews 1.1 - Directory Traversal via Newspath Parameter
Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newspath parameter.
by irk4z
CVE-2007-3789 EXPLOITDB text VERIFIED
Inmostore 4.0 - SQL Injection via Admin Password Field
SQL injection vulnerability in admin/index.php in Inmostore 4.0 allows remote attackers to execute arbitrary SQL commands via the Password field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Keniobats
CVE-2007-3693 EXPLOITDB text VERIFIED
Gobi - Cross-Site Scripting via Search q Parameter
Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built on Helma, allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search function.
by Hanno Boeck
CVE-2005-1924 EXPLOITDB text VERIFIED
G/PGP Plugin <2.1 - Command Injection
The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636.
by jmp-esp
EIP-2026-107707 EXPLOITDB text VERIFIED
IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities
by Alex Hernandez
CVE-2007-3725 EXPLOITDB text VERIFIED
ClamAV - Denial of Service via Crafted RAR Archive
The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer dereference.
by Metaeye Security Group
CVE-2005-1413 EXPLOITDB text VERIFIED
envivo_cms - SQL Injection via Username or Password Parameter
Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID parameters to default.asp.
by durito
CVE-2007-3701 EXPLOITDB text VERIFIED
TippingPoint IPS - Signature Evasion via Hex-Encoded Unicode Slash Character
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.
by Security-Assessment.com
CVE-2007-3687 EXPLOITDB text VERIFIED
RPG Inferno < 2.4 - Authenticated SQL Injection via id Parameter
SQL injection vulnerability in inferno.php in the Inferno Technologies RPG Inferno 2.4 and earlier, a vBulletin module, allows remote authenticated attackers to execute arbitrary SQL commands via the id parameter in a ScanMember do action.
by t0pP8uZz
CVE-2007-3682 EXPLOITDB text VERIFIED
OpenLD - SQL Injection via id Parameter
SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by CypherXero
CVE-2007-3456 EXPLOITDB text VERIFIED
Adobe Flash Player < 9.0.45.0 - Remote Code Execution via Large Length Value in FLV or SWF File
Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.
by Stefano DiPaola
CVE-2007-3714 EXPLOITDB text VERIFIED
Ada Image Server (ImgSvr) <= 0.6.21 - Directory Traversal via Template Parameter
Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter to the default URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this is probably a different issue than CVE-2004-2464. NOTE: it was later reported that 0.6.21 and earlier is also affected.
by Tim Brown