Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

Advisories and Vulnerabilities

These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.

DATE Title Summary
2015-01-12 inurl:fckeditor -intext:"ConfigIsEnabled = Fa... inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled Searches ...
2014-02-05 intitle:"pChart 2.x - examples" intext:&... The web application is vulnerable to Directory Traversal and XSS. The version number can be om...
2012-05-15 inurl:"tiki-index.php" filetype:php &quo... The server vulnerable to => CVE 2006-4602 ...
2012-01-10 inurl:wp-content/plugins/age-verification/age-veri... Wordpress Age Verification Plugin http://www.exploit-db.com/exploits/18350...
2012-01-03 inurl:"/showPlayer.php?id=" intext:"... ellistonSPORT Remote SQL Injection Vulnerability. Author: ITTIHACK ...
2011-12-29 inurl:"mod.php?mod=blog" intext:"po... DIY-CMS blog mod SQL Injection. Author: snup...
2011-12-26 "Powered by kryCMS" kryCMS Version 3.0 SQL Injection. Author: tempe_mendoan...
2011-09-12 "Powered by SLAED CMS" Exploit Title: Slaed CMS Code exec On different versions of this software next vulnerabiliti...
2011-08-06 intitle:"vtiger CRM 5 - Commercial Open Sourc... vtiger CRM version 5.x presence -- LiquidWorm ...
2011-06-14 inurl:"clsUploadtest.asp" Submitter: KDGCrew http://www.site.com/clsUpload/clsUploadtest.asp http://www.site.com/clsUp...
2011-05-03 "error_log" inurl:/wp-content Find various www readable Wordpress directories containing error logs with server side debugg...
2011-04-05 inurl:"fbconnect_action=myhome" Submitter: z0mbyak SQL Injection: www.site.name/path/?fbconnect_action=myhome&fbuser...
2011-03-27 intext:"Powered by FXRecruiter" Submitter: Ashiyane Digital Security Team Arbitrary File Upload: You must Register at site, T...
2011-03-27 index.php?option=com_ignitegallery Submitter: TiGeR_YeMeN HaCkEr SQL Injection: index.php?option=com_ignitegallery&tas...
2011-03-24 "site by Designscope" Submitter: Net.Edit0r SQL Injection: http://127.0.0.1/general.php?pageID=[SQL] http:/...
2011-03-23 intext:"Powered by Inventory Mojo Software.&q... Submitter: p0pc0rn SQL Injection (categoria.asp, producto.asp, srubro.asp, marca.asp, buscar.a...
2011-03-16 intext:"Powered by OnePlug CMS" Sumitter: p0pc0rn SQL Injection: http://site.com/category_list.asp?Category_ID=1 union selec...
2011-03-16 intext:"Powered by VoiceCMS" Submitter: p0pc0rn SQL Injection: http://site.com/default.asp?com=[Page]&id=[SQL]&m=...
2011-03-16 intext:"Site by Triware Technologies Inc"... Submitter: p0pc0rn SQL Injection: http://site.com/default.asp?com=[Page]&id=[SQL]&m=...
2011-03-14 ADAN (view.php ) Sql Injection Vulnerability SQL Injection: http://www.exploit-db.com/exploits/16276/ ...
2011-03-14 "POWERED BY LOG1 CMS" Multiple Vulnerabilities: http://www.exploit-db.com/exploits/16969/...
2011-03-13 inurl:"sitegenius/topic.php" Submitter: dR.sqL SQL Injection: http://localhost/sitegenius/topic.php?id=[SQLi]...
2011-03-08 intext:"Powered by EZPub" SQL Injection: http://www.exploit-db.com/exploits/16941...
2011-03-08 intext:"Web Design by Webz" filetype:asp Submitter: p0pc0rn http://site.com/xxx.asp?id=[SQL] http://site.com/xxx.asp?catID=[SQ...
2011-03-07 "Powered by SOFTMAN" Author: eXeSoul [i] "Powered by SOFTMAN" [ii] "Powered by Softman Multi...
2011-03-05 "POWERED BY ZIPBOX MEDIA" inurl:"al... Author : AtT4CKxT3rR0r1ST SQL Injection: www.site.com/album.php?id=null[Sql]...
2011-02-23 "powered by zipbox media" Author:XaDaL http://site.com/album.php?id=[SQLi]...
2011-02-23 "made visual by sightFACTORY" Author : eXeSoul [#] http://server/accommodations.php?contentid=[sqli] [#] http://server/ch...
2011-02-11 site:ebay.com inurl:callback Returns: http://sea.ebay.com/jplocal/campany/getcampnum.php?callback=? then: http://sea.eb...
2011-02-06 "Powered By Dew-NewPHPLinks v.2.1b" SQL Injection: http://www.exploit-db.com/exploits/16122...
2011-02-05 allintext: /qcodo/_devtools/codegen.php Information Disclosure: http://www.exploit-db.com/exploits/16116...
2011-02-03 :inurl:mj_wwwusr http://www.exploit-db.com/exploits/16103...
2011-02-01 Photo Gallery powered by TinyWebGallery 1.8.3 Multiple Vulnerabilities: Non-persistent XSS + Directory Traversal: http://www.exploit-db.com/e...
2011-01-25 inurl:"ab_fct.php?fct=" Multiple Vulnerabilities: http://www.exploit-db.com/exploits/16044...
2011-01-23 "Powered by: PHP Link Directory" CSRF Vuln: http://www.exploit-db.com/exploits/16037/...
2011-01-22 inurl:"/plugins/ImageManager/manager.php"... Author: PenetraDz Shell Upload Vuln: manager/media/editor/plugins/ImageManager/manager.php...
2011-01-22 "inurl:cultbooking.php" CultBooking Multiple Vulnerabilities: http://www.exploit-db.com/exploits/16028/...
2011-01-20 intext:"Powered by DZOIC Handshakes Professio... Author: IR-Security -Team SQL injection: http://server/administrator/index.php?section=manage_...
2011-01-11 inurl:"/modules.php?name=" "Maximus... Maximus CMS (FCKeditor) File Upload Vulnerability http://www.exploit-db.com/exploits/15960 Au...
2011-01-10 "TinyBB 2011 all rights reserved" Submitter: Aodrulez SQL Injection: http://www.exploit-db.com/exploits/15961/...