Exploitdb Exploits

31,329 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-15730 EXPLOITDB HIGH text
Phpmyfaq < 2.9.8 - CSRF
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
by Nikhil Mittal
CVSS 8.8
CVE-2017-6008 EXPLOITDB HIGH text
Sophos Hitmanpro < 3.7.20 - Memory Corruption
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.
by cbayet
CVSS 7.8
CVE-2017-15879 EXPLOITDB HIGH text
Keystone < 4.0.0 - Improper Input Validation
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export.
by Ishaq Mohammed
CVSS 8.8
CVE-2017-15878 EXPLOITDB MEDIUM text
Keystone < 4.0.0 - XSS
A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature.
by Ishaq Mohammed
CVSS 6.1
EIP-2026-107291 EXPLOITDB text
FS Trademe Clone - 'id' SQL Injection
by 8bitsec
EIP-2026-107290 EXPLOITDB text
FS Thumbtack Clone - 'ser' SQL Injection
by 8bitsec
EIP-2026-107289 EXPLOITDB text
FS Shutter Stock Clone - 'keywords' SQL Injection
by 8bitsec
EIP-2026-107287 EXPLOITDB text
FS Realtor Clone - 'id' SQL Injection
by 8bitsec
EIP-2026-107285 EXPLOITDB text
FS Monster Clone - 'id' SQL Injection
by 8bitsec
EIP-2026-107274 EXPLOITDB text
FS Crowdfunding Script - 'id' SQL Injection
by 8bitsec
EIP-2026-107273 EXPLOITDB text
FS Care Clone - 'sitterService' SQL Injection
by 8bitsec
CVE-2017-15639 EXPLOITDB MEDIUM text
Getmura Mura Cms < 6.1 - XXE
tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access restrictions by leveraging the "draggable feeds" feature.
by Anthony Cole
CVSS 6.5
EIP-2026-107286 EXPLOITDB text
FS OLX Clone - 'catg_id' SQL Injection
by 8bitsec
EIP-2026-107283 EXPLOITDB text
FS Lynda Clone - 'category' SQL Injection
by 8bitsec
EIP-2026-107282 EXPLOITDB text
FS Indiamart Clone - 'keywords' SQL Injection
by 8bitsec
EIP-2026-107280 EXPLOITDB text
FS Groupon Clone - 'category' SQL Injection
by 8bitsec
EIP-2026-107279 EXPLOITDB text
FS Freelancer Clone - 'sk' SQL Injection
by 8bitsec
EIP-2026-107278 EXPLOITDB text
FS Food Delivery Script - 'keywords' SQL Injection
by 8bitsec
EIP-2026-107276 EXPLOITDB text
FS Expedia Clone - 'hid' SQL Injection
by 8bitsec
EIP-2026-107275 EXPLOITDB text
FS Ebay Clone - 'pd_maincat_id' SQL Injection
by 8bitsec
EIP-2026-107272 EXPLOITDB text
FS Car Rental Script - 'pickup_location' SQL Injection
by 8bitsec
EIP-2026-107271 EXPLOITDB text
FS Book Store Script - 'category' SQL Injection
by 8bitsec
EIP-2026-107270 EXPLOITDB text
FS Amazon Clone - 'category_id' SQL Injection
by 8bitsec
EIP-2026-106074 EXPLOITDB text
CometChat < 6.2.0 BETA 1 - Local File Inclusion
by Paradoxis
EIP-2026-104791 EXPLOITDB text
WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
by Manish Tanwar
By Source
All 31,329 Writeup 57,446 Exploitdb 49,983 Nomisec 21,423 Metasploit 3,217 Github 2,519 Vulncheck_xdb 901 Inthewild 514 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,908 ruby 5,906 c 3,561 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24