CVE Certified
GHDB

Google Hacking Database

Vulnerable Files

HUNDREDS of vulnerable files that Google can find on websites...

DATE Title Summary
2013-09-24 -site:simplemachines.org "These are the paths... Dork: -site:simplemachines.org "These are the paths and URLs to your SMF installation&qu...
2011-08-25 allinurl:forcedownload.php?file= Didn't see this anywhere in the GHDB, but its been known for a while and widely abused by oth...
2011-05-28 ionCube Loader Wizard information disclosure inurl:loader-wizard ext:php This dork displays sensitive information Auth0r: MaXe...
2011-05-27 vBulletin Install Page Detection inurl:/install/install.php intitle:vBulletin * Install System This dork displays the untreat...
2006-09-13 inurl:"simplenews/admin" hxxp://evuln.com/vulns/94/summary.html...
2006-02-28 inurl:updown.php | intext:"Powered by PHP Upl... this (evil ) script lets you to upload a php shell on target server, in most cases not password...
2005-12-19 inurl:guestbook/guestbooklist.asp "Post Date&... A sql vulnerability has been reported in a Techno Dreams asp script, login.asp. http://search.s...
2005-10-26 intitle:"CJ Link Out V1" A cross site scripting vunerability has been discovered in CJ linkout version 1.x. CJ linkout i...
2005-09-26 "powered by mailgust" MailGust 1.9/2.0 (possibly prior versions) SQL injection / board takevorsoftware:site: http://w...
2005-09-26 "powered by my little forum" My Little Forum 1.5 / 1.6beta SQL Injectionsoftware:site: http://www.mylittlehomepage.net/my_li...
2005-09-25 intitle:"Control panel" "Control Pa... Build, manage and customize your own search engine friendly news / article site from scratch --...
2005-09-25 inurl:cartwiz/store/index.asp The CartWIZ eCommerce Shopping Cart System will help you build your online store through an int...
2005-09-13 "e107.org 2002/2003" inurl:forum_post.ph... e107 is prone to an input validation vulnerability. This issue is due to a failure in the appli...
2005-09-13 "maxwebportal" inurl:"default"... several vulnerabilities relating to this.MaxWebPortal is a web portal and online community syst...
2005-09-11 "Mail-it Now!" intitle:"Contact for... Mail-it Now! 1.5 (possibly prior versions) contact.php remote code executionsite: http://www.sk...
2005-09-11 "Warning:" "Cannot execute a blank ... "Warning: passthru(): Cannot execute a blank command in" "Warning: system(): Can...
2005-09-08 "Powered by Xcomic" "Powered by xcomic"this is a recent exploit, you can retrieve any file on target syst...
2005-08-08 "Powered by FunkBoard" FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/pa...
2005-08-07 "Powered by FlexPHPNews" inurl:news | in... 24/07/2005 2.38.13Flex PHPNews 0.0.4 login bypass/ sql injection, cross site scripting & re...
2005-08-07 "Powered By: Simplicity oF Upload" inurl... 26/07/2005 16.09.18Simplicity OF Upload 1.3 (possibly prior versons) remote code execution &...