Exploitdb Exploits
50,095 exploits tracked across all sources.
Joomla! Component Projects 'com_projects' - SQL Injection / Local File Inclusion
by jos_ali_joe
Energine < 2.3.8 - SQL Injection via NRGNSID Cookie
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie.
by High-Tech Bridge SA
DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion
by High-Tech Bridge SA
DBHcms 1.1.4 - 'dbhcms_user/SearchString' SQL Injection
by High-Tech Bridge SA
BloofoxCMS 0.3.5 - SQL Injection via Gender Parameter
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.
by High-Tech Bridge SA
BloofoxCMS 0.3.5 - Information Disclosure
by High-Tech Bridge SA
BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
AlstraSoft Web Email Script Enterprise - SQL Injection
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.
by Salvatore Fresta
DescargarVista ACC IMoveis 1.1 - SQL Injection via id Parameter
SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by EraGoN
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password)
by Sweet
NitroSecurity NitroView ESM 8.4.0a - Remote Command Execution via Request Parameter
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
by s_n
NitroSecurity NitroView ESM 8.4.0a - Remote Command Execution via Request Parameter
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
by Filip Palian
Microsoft Windows Vista - 'lpksetup.exe oci.dll' DLL Loading Arbitrary Code Execution
by Tyler Borland
Winamp < 5.6 - Buffer Overflow in in_mod Plugin via Comment Box
Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.
by Mighty-D & 7eK
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities
by David Hoyt
Oracle VM Server Virtual Server Agent Command Injection
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of unspecified functions using XML-RPC.
by Metasploit
Pulse Pro 1.4.3 - Persistent Cross-Site Scripting
by Th3 RDX
DBHcms 1.1.4 - SQL Injection via Editmenu Parameter
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
by ZonTa
HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service
by d0lc3
By Source