Exploitdb Exploits
50,076 exploits tracked across all sources.
CVE-2012-6508
EXPLOITDB
NetArt Media Car Portal 3.0 - Cross-Site Request Forgery in Admin Security Module
Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change arbitrary user passwords via a nouveau action in the security module to cars/ADMIN/index.php; (2) create a user or (3) create a sub user via a sub_accounts action in the home module to USERS/index.php; or (4) change profile information via an edit action in the profile module to USERS/index.php.
CVE-2012-6509
EXPLOITDB
NetArt Media Car Portal 3.0 - Unauthenticated Arbitrary File Upload via Double Extension Bypass
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php%00.jpg.
CVE-2009-4032
EXPLOITDB
Cacti 0.8.7e - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_settings.php, as demonstrated by the (a) graph_end or (b) graph_start parameters to graph.php; (c) the date1 parameter in a tree action to graph_view.php; and the (d) page_refresh and (e) default_dual_pane_width parameters to graph_settings.php.
CVE-2008-6311
EXPLOITDB
Butterfly Organizer 2.0.1 - SQL Injection via mytable Parameter
SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name.
CVE-2008-3166
EXPLOITDB
BoonEx Ray 3.5 - Remote Code Execution via sIncPath Parameter
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sIncPath parameter.
CVE-2008-1866
EXPLOITDB
PixelMotion Blog - Authenticated PHP ZIP Upload Code Execution
admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request.
Blog Pixel Motion 2.1.1 - Code Injection
Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nom_blog parameter, which is injected into include/variables.php.
CVE-2012-5192
EXPLOITDB
bitweaver < 2.8.1 - Path Traversal via overlay_type Parameter
Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "..%2F" (dot dot encoded slash) sequences in the overlay_type parameter.
bitweaver 1.3 - Cross-Site Scripting via Error and Feedback Parameters
Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error parameter in users/login.php and the (2) feedback parameter in articles/index.php.
bitweaver 1.3 - Information Disclosure via Invalid sort_mode Parameter
users/index.php in Bitweaver 1.3 allows remote attackers to obtain sensitive information via an invalid sort_mode parameter, which reveals the installation path and database information in the resultant error message.
CVE-2013-4881
EXPLOITDB
BigTree CMS < 4.0 - Cross-Site Request Forgery via User Creation
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create an administrative user via an add user action to index.php.
CVE-2013-4879
EXPLOITDB
BigTree CMS < 4.0 RC2 - SQL Injection
SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php.
babygekko < 1.2.4 - SQL Injection
BabyGekko before 1.2.4 has SQL injection.
CVSS 8.8
babygekko < 1.2.4 - PHP File Inclusion
BabyGekko before 1.2.4 allows PHP file inclusion.
CVSS 9.8
CVE-2005-1201
EXPLOITDB
AZ Bulletin board < 1.0.08 - Path Traversal
Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist.
CVE-2008-4073
EXPLOITDB
Zanfi Autodealers CMS AutOnline - SQL Injection via pageid Parameter
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action.
CVE-2010-1051
EXPLOITDB
AudiStat 1.3 - SQL Injection via Year or Month Parameter
Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-5167
EXPLOITDB
ATutor AContent < 1.2 - SQL Injection
Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to user/user_password.php.
CVE-2007-4552
EXPLOITDB
Agares Media Arcadem 2.01 - SQL Injection
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.
CVE-2006-6819
EXPLOITDB
AlstraSoft Web Host Directory - Info Disclosure
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db.
AlienVault Open Source Security Information Management 3.1 - Authenticated SQL Injection via time[0][0] Parameter
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter.
Alfresco < 5.2.7 and < 6.2.0 - Cross-Site Scripting via File URL Property
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
CVSS 5.4
Alfresco < 5.2.7 and < 6.2.0 - Stored Cross-Site Scripting via User Profile Photo SVG
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
CVSS 5.4
CVE-2013-5688
EXPLOITDB
AjaXplorer <= 5.0.2 - Authenticated Path Traversal and Arbitrary File Write via Null Byte in File Parameter
Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action.
CVE-2008-5638
EXPLOITDB
Active Price Comparison 4 - SQL Injection
Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter to reviews.aspx or the (2) linkid parameter to links.asp.