Vulnerability-Lab

336 exploits Active since Jan 2008
EIP-2026-108130 EXPLOITDB text WRITEUP
Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 - Multiple Vulnerabilities
EIP-2026-108347 EXPLOITDB text WRITEUP
Joomla! Component com_fireboard - SQL Injection
EIP-2026-107958 EXPLOITDB text WRITEUP
iScripts EasyCreate 2.0 - Multiple Vulnerabilities
EIP-2026-107783 EXPLOITDB text WRITEUP
ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting
EIP-2026-107753 EXPLOITDB text WRITEUP
iDev Rentals 1.0 - Multiple Vulnerabilities
EIP-2026-107859 EXPLOITDB text WRITEUP
Inout Mobile Webmail APP - Persistent Cross-Site Scripting
EIP-2026-107710 EXPLOITDB text WRITEUP
iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities
EIP-2026-107704 EXPLOITDB text WRITEUP
iauto mobile Application 2012 - Multiple Vulnerabilities
EIP-2026-107517 EXPLOITDB text WRITEUP
GTX CMS 2013 Optima - SQL Injection
CVE-2012-4280 EXPLOITDB text WRITEUP
Rwcinc Free Realty - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent.
EIP-2026-107188 EXPLOITDB text WORKING POC
Fork CMS 5.8.0 - Persistent Cross-Site Scripting
EIP-2026-107240 EXPLOITDB text WORKING POC
Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities
EIP-2026-107521 EXPLOITDB text WRITEUP
Guestbook Scripts PHP 1.5 - Multiple Vulnerabilities
CVE-2012-5919 EXPLOITDB text WRITEUP
Havalite Cms < 1.0.4 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Havalite 1.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) find or (2) replace fields to havalite/findReplace.php; (3) username parameter to havalite/hava_login.php, (4) the Edit Article module, or (5) hava_post.php in the postAuthor module; (6) postId parameter to hava_post.php; (7) userId parameter to hava_user.php; or (8) linkId parameter to hava_link.php.
EIP-2026-107163 EXPLOITDB text WRITEUP
Flynax General Classifieds CMS 4.0 - Multiple Vulnerabilities
EIP-2026-107379 EXPLOITDB text WRITEUP
Genium CMS 2012/Q2 - Multiple Vulnerabilities
EIP-2026-107382 EXPLOITDB text WRITEUP
GENU CMS 2012.3 - Multiple SQL Injections
EIP-2026-106939 EXPLOITDB text WRITEUP
Eventy CMS 1.8 Plus - Multiple Vulnerabilities
EIP-2026-106936 EXPLOITDB text WRITEUP
Event Script PHP 1.1 CMS - Multiple Vulnerabilities
EIP-2026-107114 EXPLOITDB text WRITEUP
Flash Operator Panel 2.31.03 - Command Execution
EIP-2026-106872 EXPLOITDB text WRITEUP
Endian UTM Firewall 2.4.x < 2.5.0 - Multiple Web Vulnerabilities
EIP-2026-106903 EXPLOITDB text WRITEUP
ES Job Search Engine 3.0 - SQL Injection
EIP-2026-106772 EXPLOITDB text WORKING POC
EditMe CMS - Cross-Site Request Forgery (Add Admin)
EIP-2026-106845 EXPLOITDB text WRITEUP
elproLOG MONITOR Webaccess 2.1 - Multiple Vulnerabilities
CVE-2012-1226 EXPLOITDB text WRITEUP
Dolibarr Erp/crm - Path Traversal
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/action/fiche.php.