Exploitdb Exploits

50,123 exploits tracked across all sources.

Sort: Activity Stars
CVE-2006-0725 EXPLOITDB
Plume-cms Plume Cms - Code Injection
PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version than CVE-2006-2645.
CVE-2008-6968 EXPLOITDB
Pligg Cms - SQL Injection
Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.
CVE-2009-4140 EXPLOITDB
Open Flash Chart v2 Beta 1-v2 Lug Wyrm Charmer - RCE
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.
CVE-2006-3531 EXPLOITDB php
Pivot 1.30 RC2 - Privilege Escalation
includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters.
CVE-2006-3532 EXPLOITDB php
Pivot <1.30 RC2 - RCE
PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter.
CVE-2005-4226 EXPLOITDB perl
Phpwebthings < 1.4 - SQL Injection
Multiple "potential" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585.
CVE-2005-4792 EXPLOITDB perl
phpWebSite <0.10.1 - SQL Injection
SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0681 EXPLOITDB
Phpshop - SQL Injection
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
CVE-2010-1269 EXPLOITDB
phpscripte24 - SQL Injection
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2006-4865 EXPLOITDB perl
Walter Beschmout PhpQuiz - Info Disclosure
Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive information via a direct request to cfgphpquiz/install.php and other unspecified vectors.
CVE-2008-0167 EXPLOITDB
Gforge - Symlink Following
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
CVE-2006-5124 EXPLOITDB
phpMyWebmin 1.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php.
CVE-2006-5125 EXPLOITDB
phpMyWebmin 1.0 - Info Disclosure
Directory traversal vulnerability in window.php, possibly used by home.php, in Joshua Muheim phpMyWebmin 1.0 allows remote attackers to obtain sensitive information via a directory name in the target parameter, which triggers a directory listing through the opendir function.
CVE-2008-6316 EXPLOITDB
Phpmygallery - Path Traversal
Directory traversal vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter, a different issue than CVE-2008-6316 and a different vector than CVE-2008-6318.
CVE-2014-6045 EXPLOITDB HIGH
Phpmyfaq < 2.8.13 - SQL Injection
SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.
CVSS 7.2
CVE-2014-6046 EXPLOITDB HIGH
Phpmyfaq < 2.8.13 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4) publish FAQs, (5) add or delete Glossary, (6) add or delete FAQ news, or (7) add or delete comments or add votes by leveraging lack of a CSRF token.
CVSS 8.8
CVE-2014-6047 EXPLOITDB MEDIUM
phpMyFAQ <2.8.13 - Info Disclosure
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
CVSS 5.3
CVE-2014-6048 EXPLOITDB MEDIUM
Phpmyfaq < 2.8.13 - Information Disclosure
phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request.
CVSS 5.3
CVE-2014-6049 EXPLOITDB LOW
Phpmyfaq < 2.8.13 - Improper Authorization
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter.
CVSS 2.7
CVE-2009-4050 EXPLOITDB
phpMyBackupPro 2.1 - Path Traversal
Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-2505 EXPLOITDB python
Phpmyadmin < 3.3.10.2 - Code Injection
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability."
CVE-2013-3238 EXPLOITDB
phpMyAdmin <3.5.8 and <4.0.0-rc3 - Authenticated RCE
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
CVE-2013-3239 EXPLOITDB
phpMyAdmin <3.5.8 and <4.0.0-rc3 - Authenticated RCE
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
CVE-2013-3240 EXPLOITDB
phpMyAdmin <4.0.0-rc3 - Path Traversal
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.
CVE-2015-6517 EXPLOITDB
Phpliteadmin - CSRF
Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.
By Source
All 50,123 Exploitdb 50,123 Writeup 46,621 Nomisec 21,121 Metasploit 3,189 Github 2,231 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,731 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 259 c++ 245 shell 68 go 41 postscript 25 xml 24