Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105936 EXPLOITDB text
ClipBucket 2.8 - 'id' SQL Injection
by Ihsan Sencan
CVE-2018-18548 EXPLOITDB MEDIUM text
Ajenticp < 1.2.23.13 - XSS
ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager.
by Numan OZDEMIR
CVSS 6.1
EIP-2026-105030 EXPLOITDB text
AiOPMSD Final 1.0.0 - 'q' SQL Injection
by Ihsan Sencan
CVE-2018-14665 EXPLOITDB MEDIUM text
xorg-x11-server <1.20.3 - Privilege Escalation
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
by Hacker Fantastic
CVSS 6.6
EIP-2026-119456 EXPLOITDB text VERIFIED
Adult Filter 1.0 - Denial of Service (PoC)
by Beren Kuday GÖRÜN
EIP-2026-112010 EXPLOITDB text
SG ERP 1.0 - 'info' SQL Injection
by Ihsan Sencan
CVE-2018-18416 EXPLOITDB MEDIUM text
Pokkho Lango - XSS
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
by Ismail Tasdelen
CVSS 4.8
EIP-2026-107082 EXPLOITDB text
Fifa Master XLS 2.3.2 - 'usw' SQL Injection
by Ihsan Sencan
CVE-2018-18437 EXPLOITDB MEDIUM text
Axiositalia Registro Elettronico - XSS
In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret/relogoff.aspx has XSS via the Error_Desc parameter.
by Dino Barlattani
CVSS 6.1
EIP-2026-119422 EXPLOITDB text
ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection
by hyp3rlinx
EIP-2026-119402 EXPLOITDB text
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-119126 EXPLOITDB text
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
by hyp3rlinx
EIP-2026-112056 EXPLOITDB text
SIM-PKH 2.4.1 - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-112055 EXPLOITDB text
SIM-PKH 2.4.1 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-111919 EXPLOITDB text
School ERP Pro+Responsive 1.0 - Arbitrary File Download
by Ihsan Sencan
EIP-2026-111918 EXPLOITDB text
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
by Ihsan Sencan
EIP-2026-105210 EXPLOITDB text
Appsource School Management System 1.0 - 'student_id' SQL Injection
by Ihsan Sencan
EIP-2026-113132 EXPLOITDB text
Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection
by Ihsan Sencan
EIP-2026-112636 EXPLOITDB text
The Open ISES Project 3.30A - Arbitrary File Download
by Ihsan Sencan
EIP-2026-112635 EXPLOITDB text
The Open ISES Project 3.30A - 'tick_lat' SQL Injection
by Ihsan Sencan
EIP-2026-111921 EXPLOITDB text
School ERP Ultimate 2018 - Arbitrary File Download
by Ihsan Sencan
EIP-2026-111920 EXPLOITDB text
School ERP Ultimate 2018 - 'fid' SQL Injection
by Ihsan Sencan
EIP-2026-109798 EXPLOITDB text
MySQL Edit Table 1.0 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-106875 EXPLOITDB text
eNdonesia Portal 8.7 - 'artid' SQL Injection
by Ihsan Sencan
EIP-2026-103408 EXPLOITDB text VERIFIED
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
by Google Security Research
By Source
All 31,346 Writeup 52,991 Exploitdb 50,135 Nomisec 21,420 Metasploit 3,228 Github 2,580 Vulncheck_xdb 903 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,917 c 3,577 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 52 postscript 25 xml 24