Text Exploits

31,329 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107865 EXPLOITDB text
Inout SocialTiles 2.0 Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-107864 EXPLOITDB text
Inout SmartDeal 1.0 Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-107863 EXPLOITDB text
Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-107861 EXPLOITDB text
Inout QuerySpace 1.0 Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-107857 EXPLOITDB text
Inout Celebrities 1.0 Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-107856 EXPLOITDB text
Inout CareerLamp 1.0 Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-106892 EXPLOITDB text
Entrepreneur Matrimonial Script - Authentication Bypass
by Ihsan Sencan
EIP-2026-106775 EXPLOITDB text
Education Website Script - Authentication Bypass
by Ihsan Sencan
EIP-2026-106186 EXPLOITDB text
Courier Business Website Script - Authentication Bypass
by Ihsan Sencan
EIP-2026-103345 EXPLOITDB text
Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution
by Ozer Goker
EIP-2026-116813 EXPLOITDB text
aSc Timetables 2017 - Local Buffer Overflow
by Peter Baris
EIP-2026-110103 EXPLOITDB text
Online Food Delivery 2.04 - Authentication Bypass
by Dawid Morawski
EIP-2026-107999 EXPLOITDB text
Itech Job Portal Script 9.11 - Authentication Bypass
by Dawid Morawski
CVE-2017-6340 EXPLOITDB MEDIUM text VERIFIED
Trendmicro Interscan Web Security Virtual Appliance < 6.5 - XSS
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements incorrect access control that allows any authenticated, remote user (even with low privileges like 'Auditor') to create or modify reports, and consequently take advantage of this XSS vulnerability. The JavaScript is executed when victims visit reports or auditlog pages.
by SlidingWindow
CVSS 5.4
EIP-2026-101782 EXPLOITDB text
Huawei Flybox B660 - Cross-Site Request Forgery (2)
by Vulnerability-Lab
CVE-2017-20196 EXPLOITDB MEDIUM text
Itechscripts School Management Software 2.75 - SQL Injection
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by Ihsan Sencan
CVSS 6.3
EIP-2026-115007 EXPLOITDB text VERIFIED
Boxoft Wav 1.0 - Buffer Overflow
by Vulnerability-Lab
EIP-2026-112423 EXPLOITDB text VERIFIED
Starting Page 1.3 - 'category' SQL Injection
by Ben Lee
EIP-2026-110545 EXPLOITDB text
Penny Auction Script - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-109666 EXPLOITDB text VERIFIED
My Link Trader 1.1 - 'id' SQL Injection
by Dawid Morawski
EIP-2026-108014 EXPLOITDB text
Itech Travel Portal Script 9.33 - SQL Injection
by Ihsan Sencan
EIP-2026-108002 EXPLOITDB text
Itech Movie Portal Script 7.35 - SQL Injection
by Ihsan Sencan
EIP-2026-106759 EXPLOITDB text
ECommerce-TIBSECART - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-106758 EXPLOITDB text
ECommerce-Multi-Vendor Software - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-106367 EXPLOITDB text
Dating Script 3.25 - SQL Injection
by Dawid Morawski
By Source
All 31,329 Writeup 59,763 Exploitdb 49,983 Nomisec 21,484 Metasploit 3,218 Github 2,526 Vulncheck_xdb 903 Inthewild 514 Gitlab 440 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,913 ruby 5,907 c 3,563 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24