Text Exploits

31,341 exploits tracked across all sources.

Sort: Activity Stars

EIP-2026-106858 EXPLOITDB text

Employee Management System v1 - 'email' SQL Injection

by SoSPiro

View

CVE-2023-3897 EXPLOITDB MEDIUM text

SureMDM On-premise <6.31 - Info Disclosure

Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. This issue affects SureMDM On-premise: 6.31 and below version

by Jonas Benjamin Friedli

CVSS 4.8

View

EIP-2026-104434 EXPLOITDB text

SISQUALWFM 7.1.319.103 - Host Header Injection

by Omer Shaik

View

EIP-2026-104449 EXPLOITDB text

Splunk 9.0.4 - Information Disclosure

by Parsa Rezaie Khiabanloo

View

EIP-2026-101108 EXPLOITDB text

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service

by LiquidWorm

View

CVE-2025-5553 EXPLOITDB HIGH text

PHPGurukul Rail Pass Management System 1.0 - SQL Injection

A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download-pass.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

by yozgatalperen1

CVSS 7.3

View

EIP-2026-110151 EXPLOITDB text

Online Nurse Hiring System 1.0 - Time-Based SQL Injection

by yozgatalperen1

View

EIP-2026-104990 EXPLOITDB text

Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)

by Furkan ÖZER

View

EIP-2026-103456 EXPLOITDB text

Elasticsearch - StackOverflow DoS

by TOUHAMI Kasbaoui

View

EIP-2026-101505 EXPLOITDB text

Zyxel zysh - Format string

by Marco Ivaldi

View

EIP-2026-109496 EXPLOITDB text

MISP 2.4.171 - Stored XSS

by Mücahit Çeri

View

EIP-2026-107542 EXPLOITDB text

GYM MS - GYM Management System - Cross Site Scripting (Stored)

by yozgatalperen1

View

EIP-2026-106278 EXPLOITDB text

Curfew e-Pass Management System 1.0 - FromDate SQL Injection

by Puja Dey

View

EIP-2026-105925 EXPLOITDB text

Clinic's Patient Management System 1.0 - Unauthenticated RCE

by Oğulcan Hami Gül

View

EIP-2026-104490 EXPLOITDB text

WhatsUp Gold 2022 (22.1.0 Build 39) - XSS

by Andreas Finstad

View

EIP-2026-119265 EXPLOITDB text

WebCatalog 48.4 - Arbitrary Protocol Execution

by ItsSixtyN3in

View

EIP-2026-102072 EXPLOITDB text

TP-Link TL-WR740N - UnAuthenticated Directory Transversal

by Syed Affan Ahmed (ZEROXINN)

View

EIP-2026-102071 EXPLOITDB text

TP-LINK TL-WR740N - Multiple HTML Injection

by Shujaat Amin (ZEROXINN)

View

EIP-2026-101711 EXPLOITDB text

Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution

by LiquidWorm

View

EIP-2026-101710 EXPLOITDB text

Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure

by LiquidWorm

View

EIP-2026-101709 EXPLOITDB text

Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass

by LiquidWorm

View

EIP-2026-101708 EXPLOITDB text

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure

by LiquidWorm

View

EIP-2026-101015 EXPLOITDB text

Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS

by LiquidWorm

View

CVE-2023-53155 EXPLOITDB HIGH text

EmbedThis GoAhead 2.5 - Code Injection

goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter.

by Syed Affan Ahmed (ZEROXINN)

CVSS 7.2

View

EIP-2026-107507 EXPLOITDB text

Grocy <=4.0.2 - CSRF

by Chance Proctor

View

By Source

All 31,341

By Language

text 31,341