Exploitdb Exploits
50,095 exploits tracked across all sources.
My Kazaam Address & Contact Organizer - SQL Injection
SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter.
by v3n0m
Joomla! com_redshop 1.0 - SQL Injection
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php.
by v3n0m
Joomla! Component Rapid-Recipe - Persistent Cross-Site Scripting
by Sid3^effects
Joomla! Component Rapid-Recipe - HTML Injection
by Sid3^effects
eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities
by 10n1z3d
Elite CMS 1.01 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
Edge PHP Clickbank Affiliate Marketplace Script - XSS
Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to inject arbitrary web script or HTML via the search parameter.
by L0rd CrusAd3r
Sun Java System Web Server 7.0 Update 7 - Stack-Based Buffer Overflow via WebDAV OPTIONS Request
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request.
by dmc
MP3 Cutter 1.8 MP3 - File Processing Remote Denial of Service
by Prashant Uniyal
Internet Explorer - Exposure of Sensitive Information via Timer ID Heap Address Leak
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.
by Ruben Santamarta
Yappa 3.1.2 - 'yappa.php' Multiple Remote Command Execution Vulnerabilities
by Sn!pEr.S!Te Hacker
WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
by Jelmer de Hen
WordPress Plugin Firestats - Remote Configuration File Download
by Jelmer de Hen
SimpNews < 2.47.03 - Cross-Site Scripting via Layout and Sortorder Parameters
Multiple cross-site scripting (XSS) vulnerabilities in news.php in SimpNews 2.47.03 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) layout and (2) sortorder parameters.
by MustLive
Real Estate Manager 1.0.1 - 'index.php' Cross-Site Scripting
by bi0
Joomla! com_quickfaq 1.0.3 - SQL Injection
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php.
by RoAd_KiLlEr
Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting
by Sid3^effects
dotDefender 3.8-5 - Remote Code Execution (via Cross-Site Scripting)
by rAWjAW
By Source