Exploitdb Exploits
50,083 exploits tracked across all sources.
PHP Address Book 8.2.5 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) addressbook/register/edit_user_save.php; the email parameter to (4) addressbook/register/edit_user_save.php, (5) addressbook/register/reset_password.php, (6) addressbook/register/reset_password_save.php, or (7) addressbook/register/user_add_save.php; the username parameter to (8) addressbook/register/checklogin.php or (9) addressbook/register/reset_password_save.php; the (10) lastname, (11) firstname, (12) phone, (13) permissions, or (14) notes parameter to addressbook/register/edit_user_save.php; the (15) q parameter to addressbook/register/admin_index.php; the (16) site parameter to addressbook/register/linktick.php; the (17) password parameter to addressbook/register/reset_password.php; the (18) password_hint parameter to addressbook/register/reset_password_save.php; the (19) var parameter to addressbook/register/traffic.php; or a (20) BasicLogin cookie to addressbook/register/router.php.
by Jurgen Voorneveld
Apache Subversion 1.6.0-1.6.20 and 1.7.0-1.7.8 - Denial of Service via Anonymous LOCK Request
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
by anonymous
Apache Subversion 1.7.0-1.7.8 - Denial of Service via Invalid Log REPORT Request
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
by Greg McMullin
Google Chrome <27.0.1453.93 - Use After Free
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.
by Google Security Research
Firefox < 27.0 - Cross-Site Request Forgery via Malformed Cookie Header
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
by anonymous
Google Chrome < 28.0.1500.95 - Cross-Site Request Forgery via Malformed Cookie
Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
by anonymous
Symphony CMS <2.3.2 - SQL Injection
SQL injection vulnerability in Symphony CMS before 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.
by High-Tech Bridge
FUDforum 3.0.4 - Remote Code Execution via PHP Code Injection
PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system.
by High-Tech Bridge
CVSS 7.2
e107 < 1.0.3 - Cross-Site Scripting via Query String
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.
by Simon Bieber
C2 WebResource - Cross-Site Scripting via File Parameter in fileview.asp
Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter.
by anonymous
Netgear WNR1000v3 <1.0.2.60 - Auth Bypass
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.
by Roberto Paleari
CVSS 9.8
Netgear WNR1000v3 <1.0.2.60 - Auth Bypass
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".
by Roberto Paleari
CVSS 9.8
VirtualDJ Pro/Home 7.3 - Local Buffer Overflow
by Alexandro Sánchez Bach
WP FuneralPress < 1.1.7 - Cross-Site Scripting via User Obits Parameters
Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin before 1.1.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.
by Rob Armstrong
Pollen CMS 0.6 - 'index.php?p' Paramete' Local File Disclosure
by MizoZ
Network Weathermap < 0.97b - Stored Cross-Site Scripting via Map Title Parameter
Cross-site scripting (XSS) vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the map_title parameter.
by Daniel Ricardo dos Santos
Aspen < 0.8 - Path Traversal via Default URI
Directory traversal vulnerability in Aspen before 0.22 allows remote attackers to read arbitrary files via a .. (dot dot) to the default URI.
by Daniel Ricardo dos Santos
WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting
by Stefan Schurtz
McAfee Virtual Technician and ePO-MVT < 6.5.0.2101 - Arbitrary File Write via McHealthCheck.dll Save Method
An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method.
by High-Tech Bridge SA
Stormy Studios Knet <= 1.04c - Buffer Overflow via Long HTTP GET Request
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
by Myo Soe
Oracle JRE < 1.7.0 - Remote Code Execution via Crafted Image Raster Parameters
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
by Metasploit
Synchroweb SynConnect 2.0 - SQL Injection via LoginID Parameter
SQL injection vulnerability in index.php in Synchroweb Technology SynConnect 2.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter in a logoff action.
by Bhadresh Patel
AWS XMS 2.5 - Path Traversal via 'what' Parameter
Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter.
by High-Tech Bridge SA
CVSS 7.5
By Source