Exploitdb Exploits
50,095 exploits tracked across all sources.
2daybiz Video Community Portal Script 1.0 - SQL Injection via videoid Parameter
SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter.
by L0rd CrusAd3r
SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities
by cp77fk4r
Softbiz Resource Repository Script - Blind SQL Injection
by Sangteamtham
Softbiz PHP FAQ Script - Blind SQL Injection
by Sangteamtham
PreProject Multi-Vendor Shopping Malls - SQL Injection
by Sangteamtham
Online Classified System Script - SQL Injection / Cross-Site Scripting
by L0rd CrusAd3r
K-Search - Cross-Site Scripting via Term Parameter
Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter.
by Sangteamtham
com_picasa2gallery < 1.2.8 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by kaMtiEz
Joomla! Component com_ybggal 1.0 - 'catid' SQL Injection
by v3n0m
2daybiz Job Search Engine Script - SQL Injection via show_search_result.php keyword parameter
SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
by L0rd CrusAd3r
Hot or Not Picture Rating Script - SQL Injection
by L0rd CrusAd3r
Cornerstone Technologies webConductor - SQL Injection
SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Th3 RDX
Solaris - Unauthenticated Remote Privilege Escalation via sadmind AUTH_SYS Spoofing
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
by Metasploit
Firefox 3.5.x-3.5.9 and 3.6.x-3.6.3 - Remote Code Execution via XSLT Node Sorting Integer Overflow
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
by Martin Barbella
Site2Nite Boat Classifieds - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by Sangteamtham
By Source