Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-112675 EXPLOITDB text
Tiger Post 3.0.1 - SQL Injection
by Ihsan Sencan
EIP-2026-112554 EXPLOITDB text
Takas Classified 1.1 - SQL Injection
by Ihsan Sencan
EIP-2026-111656 EXPLOITDB text
QWIKIA 1.1.1 - SQL Injection
by Ihsan Sencan
EIP-2026-109635 EXPLOITDB text
Multilanguage Estate Agency Pro 1.2 - SQL Injection
by Ihsan Sencan
EIP-2026-107654 EXPLOITDB text
HotelCMS with Booking Engine - SQL Injection
by Ihsan Sencan
EIP-2026-107475 EXPLOITDB text
Gram Post 1.0 - SQL Injection
by Ihsan Sencan
EIP-2026-106055 EXPLOITDB text
Collabo - Arbitrary File Download
by Ihsan Sencan
EIP-2026-106047 EXPLOITDB text
CodePaul ClipMass - SQL Injection
by Ihsan Sencan
EIP-2026-105975 EXPLOITDB text
CMS Lite 1.3.1 - SQL Injection
by Ihsan Sencan
EIP-2026-105957 EXPLOITDB text
CLUB-8 EMS - SQL Injection
by Ihsan Sencan
EIP-2026-105315 EXPLOITDB text
Automated Job Portal Script - SQL Injection
by Ihsan Sencan
CVE-2016-9244 EXPLOITDB HIGH text
BIG-IP Local Traffic Manager - Exposure of Sensitive Information via Session Tickets
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.
by Ege Balci
CVSS 7.5
CVE-2017-20251 EXPLOITDB CRITICAL text
WordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST API
WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint with crafted content containing insert_php shortcodes to include and execute remote PHP files on the server.
by CrashBandicot
CVSS 9.8
CVE-2017-12760 EXPLOITDB HIGH text
Mobiketa 4.0 - SQL Injection via URL Parameter
Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. The impact is: Code execution (remote).
by Ihsan Sencan
CVSS 8.8
EIP-2026-112281 EXPLOITDB text
SOA School Management - 'view' SQL Injection
by Ihsan Sencan
EIP-2026-111979 EXPLOITDB text
Sendroid 5.2 - SQL Injection
by Ihsan Sencan
EIP-2026-107174 EXPLOITDB text
Fome SMS Portal 2.0 - SQL Injection
by Ihsan Sencan
EIP-2026-106955 EXPLOITDB text
EXAMPLO - SQL Injection
by Ihsan Sencan
EIP-2026-105913 EXPLOITDB text
Client Expert 1.0.1 - SQL Injection
by Ihsan Sencan
EIP-2026-109656 EXPLOITDB text
Muviko Video CMS - SQL Injection
by Ihsan Sencan
EIP-2026-109625 EXPLOITDB text
Multi Outlets POS 3.1 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-111750 EXPLOITDB text VERIFIED
Responsive Filemanger <= 9.11.0 - Arbitrary File Disclosure
by Wiswat Aswamenakul
EIP-2026-109799 EXPLOITDB text
MySQL File Uploader 1.0 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-107307 EXPLOITDB text
Fully Featured News CMS 1.0 - 'id' SQL Injection
by Ihsan Sencan
EIP-2026-107293 EXPLOITDB text
FTP Made Easy PRO 1.2 - Arbitrary File Download
by Ihsan Sencan