Exploitdb Exploits
50,095 exploits tracked across all sources.
InterJoomla ArtForms 2.1b7.2 RC2 - SQL Injection
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote attackers to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id parameter in a vferforms action to index.php.
by Salvatore Fresta
InterJoomla ArtForms (com_artforms) 2.1b7.2 RC2 - Cross-Site Scripting via afmsg Parameter
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php.
by Salvatore Fresta
Sijio Community Software - Authenticated Stored Cross-Site Scripting via Blog Title Parameter
Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information.
by Sid3^effects
Sijio Community Software - SQL Injection
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.
by Sid3^effects
Apache HTTP Server 1.3-1.3.24 & 2.0-2.0.36 - DoS & RCE via Chunk-Encoded Request
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Metasploit
Microsoft w3who.dll - Buffer Overflow via Long Query String
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
by Metasploit
MailEnable Enterprise < 1.04 and Professional < 1.54 - Remote Code Execution via HTTP Authorization Header
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
by Metasploit
BadBlue 2.55 - Remote Code Execution via Long mfcisapicommand Parameter
Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.
by Metasploit
Alt-N SecurityGateway 1.0.1 - Stack-Based Buffer Overflow via Long Username Parameter
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.
by Metasploit
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
by bitform
Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities
by Andrei Rimsa Alvares
Simple Document Management System - SQL Injection
SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
by Sid3^effects
Sijio Community Software - Authenticated Cross-Site Scripting via Title Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authenticated users to inject arbitrary web script or HTML via the title parameter when (1) editing a new blog, (2) adding an album, or (3) editing an album. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Sid3^effects
RunCMS 2.1 - 'check.php' Cross-Site Scripting
by Andrei Rimsa Alvares
Payments Plus 2.1.5 - SQL Injection
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html.
by Sid3^effects
InterJoomla ArtForms <2.1b7.2 - Path Traversal
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.
by Salvatore Fresta
Exponent CMS 0.97.0 - Cross-Site Scripting via u Parameter
Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter.
by Andrei Rimsa Alvares
Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow / Array Indexing Overflow
by Luigi Auriemma
Altair Engineering PBS Pro 10.x - 'pbs_mom' Insecure Temporary File Creation
by Bartlomiej Balcerek
Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Configuration Cross-Site Request Forgery
by kalyanakumar
By Source