Exploitdb Exploits
50,095 exploits tracked across all sources.
DAlbum < 1.44 - Cross-Site Request Forgery in User Management
Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords via a change action, or (3) delete a user via a delete action.
by Ahmed Elhady Mohamed
Coppermine Photo Gallery < 1.5.20 - Exposure of Sensitive Information via Error Message
Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message.
by waraxe
ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injections
by SecPod Research
Java AtomicReferenceArray Type Violation Vulnerability
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
by Metasploit
CVSS 9.8
Simple Machines Forum 2.0.2 - Cross-Site Scripting via Scheduled Parameter
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the scheduled parameter to index.php.
by Am!r
ezjscore < 1.4 - Cross-Site Scripting via textEncode Function
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish before 1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Yann MICHARD
Quest InTrust < 10.4.0.853 - Arbitrary File Write via ARDoc ActiveX SaveToFile Method
The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument.
by rgod
Quest InTrust < 10.4.0.853 - Remote Code Execution via Annotation Objects ActiveX Control
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
by rgod
Apple Safari 5.1.5 For Windows - 'window.open()' URI Spoofing
by Lostmon
KnFTPd 1.0.0 - Authenticated Denial of Service via FEAT Command Buffer Overflow
Buffer overflow in KnFTPd 1.0.0 allows remote authenticated users to cause a denial of service (crash) via a long string in a FEAT command.
by Stefan Schurtz
WordPress Integrator 1.32 - Cross-Site Scripting via redirect_to Parameter
Cross-site scripting (XSS) vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php.
by Stefan Schurtz
TomatoCart 1.2.0 Alpha 2 - Path Traversal via json.php Module Parameter
Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter in a "3" action.
by Canberk BOLAT
PicoPublisher 2.0 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in PicoPublisher 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) page.php or (2) single.php.
by ZeTH
ocPortal < 7.1.6 - Cross-Site Scripting via Code Editor Path or Line Parameters
Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) path or (2) line parameters.
by High-Tech Bridge
Invision Power Board (IP.Board) 4.2.1 - 'searchText' Cross-Site Scripting
by sonyy
BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin)
by Dr.NaNo
TRENDnet SecurView TV-IP121WN - Buffer Overflow
Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.
by rgod
Camera Stream Client < - Buffer Overflow
Stack-based buffer overflow in the SelectDirectory method in DcsCliCtrl.dll in Camera Stream Client ActiveX Control, as used in D-Link DCS-5605 PTZ IP Network Camera, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string argument.
by rgod
NextBBS 0.6 - Cross-Site Scripting via Do Parameter
Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php.
by waraxe
NextBBS 0.6 - SQL Injection via curstr id or username Parameter
Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function.
by waraxe
Matthew1471 BlogX - Multiple Cross-Site Scripting Vulnerabilities
by demonalex
By Source