Vulnerability-Lab

336 exploits Active since Jan 2008
EIP-2026-112472 EXPLOITDB text WORKING POC
SugarCRM 6.5.18 - Persistent Cross-Site Scripting
EIP-2026-112516 EXPLOITDB text WRITEUP
Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities
EIP-2026-112466 EXPLOITDB text WRITEUP
Subrion CMS 4.0.5 - SQL Injection
EIP-2026-112153 EXPLOITDB text WRITEUP
Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection
EIP-2026-112154 EXPLOITDB text WORKING POC
Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting (XSS)
EIP-2026-112367 EXPLOITDB text WRITEUP
SpamTitan Application 5.08x - SQL Injection
EIP-2026-112289 EXPLOITDB text WRITEUP
Social Engine 4.2.5 - Multiple Vulnerabilities
EIP-2026-112407 EXPLOITDB text WRITEUP
Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities
CVE-2011-5150 EXPLOITDB text WRITEUP
Spamtitan < 5.07 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-111983 EXPLOITDB text WRITEUP
Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting
EIP-2026-111938 EXPLOITDB text WRITEUP
Schoolhos CMS 2.29 - 'kelas' SQL Injection
EIP-2026-111970 EXPLOITDB text WRITEUP
SeedDMS 5.1.18 - Persistent Cross-Site Scripting
CVE-2010-4980 EXPLOITDB text WRITEUP
iScripts ReserveLogic 1.0 - SQL Injection
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
EIP-2026-111787 EXPLOITDB text WORKING POC
Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)
EIP-2026-111542 EXPLOITDB text WRITEUP
ProjectSend r754 - Insecure Direct Object Reference
CVE-2012-4266 EXPLOITDB text WRITEUP
Itechscripts Proman Xpress - XSS
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-111022 EXPLOITDB text WRITEUP
PHPCollab CMS 2.5 - 'emailusers.php' SQL Injection
EIP-2026-111093 EXPLOITDB text WORKING POC
PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)
EIP-2026-111118 EXPLOITDB text WRITEUP
phpList 3.0.6/3.0.10 - SQL Injection
EIP-2026-110728 EXPLOITDB text WORKING POC
PHP Melody 3.0 - 'vid' SQL Injection
EIP-2026-110727 EXPLOITDB text WORKING POC
PHP Melody 3.0 - 'Multiple' Cross-Site Scripting (XSS)
EIP-2026-110729 EXPLOITDB text WORKING POC
PHP Melody 3.0 - Persistent Cross-Site Scripting (XSS)
EIP-2026-110528 EXPLOITDB text WRITEUP
pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting
EIP-2026-110512 EXPLOITDB text WRITEUP
PBBoard CMS 2.1.4 - Multiple Vulnerabilities
EIP-2026-110567 EXPLOITDB text WORKING POC
PG Dating Pro CMS 1.0 - Multiple Vulnerabilities