Exploitdb Exploits
50,095 exploits tracked across all sources.
webSPELL 4.2.1 - SQL Injection via asearch.php Search Parameter
SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
by silent vapor
Pluck CMS 4.6.3 - 'cont1' HTML Injection
by High-Tech Bridge SA
MyPhpAuction 2010 - SQL Injection via product_desc.php id Parameter
SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by h4ck3r
MODx Revolution <2.0.2-pl - Path Traversal
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information.
by John Leitch
MODx Revolution 2.0.2-pl - Cross-Site Scripting via modhash Parameter
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.
by John Leitch
GetSimple CMS 2.01 - Stored Cross-Site Scripting via Post-Title Parameter
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.
by High-Tech Bridge SA
Linux kernel <2.6.35 - Info Disclosure
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
by Red Hat
CVSS 8.1
Linux kernel <2.6.36-rc6 - Info Disclosure/DoS
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
by Jon Oberheide
Aleza Portal 1.6 - Insecure SQL Injection / Cookie Handling
by KnocKout
Microsoft Windows VBScript - Remote Code Execution via MsgBox Help File Argument
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."
by Metasploit
Windows 2000 Server SP4 and Server 2003 SP1/SP2 - Remote Code Execution via DNS RPC Zone Name Overflow
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
by Metasploit
phpmyfaq < 2.6.9 - Cross-Site Scripting via PATH_INFO to index.php
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
by Yam Mesicka
Micro CMS 1.0 b1 - Persistent Cross-Site Scripting
by SecPod Research
Achievo 1.4.3 - Multiple Authorisation Vulnerabilities
by Pablo Milano
ALLPC 2.5 - SQL Injection via products_id Parameter
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
by **RoAd_KiLlEr**
Digital Music Pad v8.2.3.3.4 - Buffer Overflow
Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.
by Abhishek Lyall
Barracuda <October 2010 - Path Traversal
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal sequences and null-byte terminators to access arbitrary files on the underlying system. By exploiting this flaw, unauthenticated remote attackers can retrieve sensitive configuration files such as /mail/snapshot/config.snapshot, potentially exposing credentials, internal settings, and other critical data.
by ShadowHatesYou
ALLPC 2.5 - Cross-Site Scripting via Advanced Search Keywords Parameter
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
by **RoAd_KiLlEr**
VirIT eXplorer 6.7.43 - 'tg-scan.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
By Source