Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

Advisories and Vulnerabilities

These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.

DATE Title Summary
2010-11-24 inurl:"?delete" +intext:"PHP versio... Matches some well known phpshells (r57 and the like)....
2010-11-18 inurl:"jscripts/tiny_mce/plugins/tinybrowser/... inurl:"jscripts/tiny_mce/plugins/tinybrowser/" or refined inurl:"jscripts/...
2010-11-15 ("powered by nocc" intitle:"NOCC We... NOCC Webmail 1.0 (Local Inclusion) Remote Code Execution Exploit - CVE: 2006-0891: http://www....
2010-11-15 inurl:"index.php?ind=blog" MKPortal 1.2.1 Multiple Remote Vulnerabilities: http://www.exploit-db.com/exploits/7796/...
2010-11-15 "powered by bitweaver" bitweaver 1.3 (tmpImagePath) Attachment mod_mime Exploit - CVE: 2006-3105: http://www.exploit-...
2010-11-15 "Powered by Shadowed Portal" Shadowed Portal 5.7d3 Remote Command Execution Exploit: http://www.exploit-db.com/exploits/476...
2010-11-15 "Powered by Quick.Cart" Quick.Cart 2.2 RFI/LFI Remote Code Execution Exploit - CVE: 2007-3138: http://www.exploit-db.c...
2010-11-15 inurl:"com_sqlreport" Joomla Component user_id com_sqlreport Blind SQL Injection Vulnerability - CVE: 2010-0753: htt...
2010-11-15 insite: SmarterMail Enterprise 7.1 http://www.exploit-db.com/exploits/15185...
2010-11-15 "this site is using the webspell script (vers... CVE: 2007-0502 EDB-ID: 3172 This search can potentially identify vulnerable installations of ...
2010-11-15 inurl:wp-login.php Register Username Password -ech... CVE: 2006-2667 EDB-ID: 6 This search can potentially identify vulnerable installations of W...
2010-11-15 "Page created in" "seconds by glFus... CVE: 2009-1281 EDB-ID: 8347 This search can potentially identify vulnerable installations o...
2010-11-15 "powered by ThWboard" CVE: 2007-0340 EDB-ID: 3124 This search can potentially identify vulnerable installations o...
2010-11-15 "Powered by XMB" CVE: 2006-3994 EDB-ID: 2105 This search can potentially identify vulnerable installations of ...
2010-11-15 "This web site was made with MD-Pro" CVE: 2006-7112 EDB-ID: 2712 This search can potentially identify vulnerable installations o...
2010-11-15 pixelpost "RSS 2.0" "ATOM feed"... Pixelpost 1-5rc1-2 Remote Privilege Escalation Exploit - CVE: 2006-2889: http://www.exploit-...
2010-11-15 "powered by gcards" gCards 1.45 Multiple Vulnerabilities - CVE: 2006-1346: http://www.exploit-db.com/exploits/15...
2010-11-15 intitle:"X7 Chat Help Center"|"Powe... X7 Chat 2.0 (help_file) Remote Commands Execution - CVE: 2006-2156: http://www.exploit-db.co...
2010-11-15 "This is a Free & Open Source mailing lis... Open Newsletter ...
2010-11-15 "powered by tikiwiki" TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution - CVE: 2006-4602: http://www.exploit...
2010-11-15 "This site is powered by e107" TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution - CVE: 2006-4602: http://www.exploit...
2010-11-15 inurl:imageview5 Imageview 5 (Cookie/index.php) Remote Local Include - CVE: 2006-5554: http://www.exploit-db....
2010-11-15 "Powered by sendcard - an advanced PHP e-card... SendCard 3.4.0 Unauthorized Administrative Access: http://www.exploit-db.com/exploits/2117...
2010-11-15 "AlumniServer project" AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection: http://www.exploit-db.com/exploits/9020...
2010-11-15 "Powered by ClanTiger" ClanTiger 1.1.1 (slug) Blind SQL Injection: http://www.exploit-db.com/exploits/8473...
2010-11-15 "Powered by Online Grades" Online Grades & Attendance 3.2.6 Blind SQL Injection - CVE: 2009-2598: http://www.exploi...
2010-11-15 allintitle: powered by DeluxeBB DeluxeBB 1.2 Multiple Remote Vulnerabilities - CVE: 2008-2195: http://www.exploit-db.com/exp...
2010-11-15 "Powered by BIGACE 2.5" BIGACE CMS 2.5 (username) Remote SQL Injection - CVE: 2009-1778: http://www.exploit-db.com/e...
2010-11-15 "Powered by XMB" XMB 1.9.6 Final basename() Remote Command Execution - CVE: 2006-4191: http://www.exploit-db....
2010-11-15 "Betrieben mit Serendipity 1.0.3" Serendipity 1.0.3 (comment.php) Local File Include - CVE: 2006-6242: http://www.exploit-db.c...
2010-11-15 "Powered by eXV2 Vers" exV2 2.0.4.3 extract() Remote Command Execution - CVE: 2006-7080: http://www.exploit-db.com/...
2010-11-15 "Runcms Copyright" "2002 - 2007&quo... RunCms 1.5.2 (debug_show.php) Remote SQL Injection - CVE: 2007-2539: http://www.exploit-db.c...
2010-11-15 inurl:"option=com_tophotelmodule" CVE: 2009-3368 EDB-ID: This search potentially exposes Joomla Hotel Booking System XSS/SQL In...
2010-11-15 "Powered by Leap" Leap CMS 0.1.4 (searchterm) Blind SQL Injection - CVE: 2009-1613: http://www.exploit-db.com/...
2010-11-15 "powered by PCPIN.com" PCPIN Chat 5.0.4 (login/language) Remote Code Execution: http://www.exploit-db.com/exploits/...
2010-11-15 "Content managed by the Etomite Content Manag... Etomite CMS 0.6.1 (username) SQL Injection - CVE: 2006-3904: http://www.exploit-db.com/exploi...
2010-11-15 "Powered by Coppermine Photo Gallery" Coppermine Photo Gallery 1.4.18 LFI / Remote Code Execution - CVE: 2008-3481: http://www.exp...
2010-11-15 "Powered by MercuryBoard" MercuryBoard 1.1.5 (login.php) Remote Blind SQL Injection - CVE: 2008-6632: http://www.explo...
2010-11-15 intext:"2000-2001 The phpHeaven Team" -s... phpMyChat 0.15.0dev (SYS enter) Remote Code Execution: http://www.exploit-db.com/exploits/16...
2010-11-15 "Powered by PHP-Update" -site:www.php-up... PHP-Update 2.7 Multiple Remote Vulnerabilities - CVE: 2006-6879: http://www.exploit-db.com/e...