Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108002 EXPLOITDB text
Itech Movie Portal Script 7.35 - SQL Injection
by Ihsan Sencan
EIP-2026-106759 EXPLOITDB text
ECommerce-TIBSECART - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-106758 EXPLOITDB text
ECommerce-Multi-Vendor Software - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-106367 EXPLOITDB text
Dating Script 3.25 - SQL Injection
by Dawid Morawski
EIP-2026-105032 EXPLOITDB text
Airbnb Clone Script - Arbitrary File Upload
by Ihsan Sencan
CVE-2017-2930 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Memory Corruption via Display List Concurrency Error
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
by COSIG
CVSS 8.8
CVE-2017-2930 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Memory Corruption via Display List Concurrency Error
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
by COSIG
CVSS 8.8
EIP-2026-114238 EXPLOITDB text VERIFIED
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation
by Kacper Szurek
EIP-2026-112424 EXPLOITDB text VERIFIED
Starting Page 1.3 - 'linkid' SQL Injection
by JaMbA
EIP-2026-101781 EXPLOITDB text
Huawei Flybox B660 - Cross-Site Request Forgery (1)
by Vulnerability-Lab
EIP-2026-101629 EXPLOITDB text
D-Link DIR-615 - Multiple Vulnerabilities
by Osanda Malith Jayathissa
EIP-2026-109673 EXPLOITDB text
My PHP Dating 2.0 - 'path' SQL Injection
by Ihsan Sencan
EIP-2026-109672 EXPLOITDB text
My PHP Dating 2.0 - 'id' SQL Injection
by Sniper Pex
EIP-2026-107251 EXPLOITDB text VERIFIED
Friends in War Make or Break 1.7 - 'imgid' SQL Injection
by v3n0m
CVE-2016-9587 EXPLOITDB HIGH text
Ansible < 2.1.4 and < 2.2.1 - Remote Code Execution via Client Fact Data
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.
by Computest
CVSS 8.1
EIP-2026-102361 EXPLOITDB text
Blackboard LMS 9.1 SP14 - Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-116736 EXPLOITDB text VERIFIED
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass
by Squnity
EIP-2026-104632 EXPLOITDB text
DirectAdmin 1.50.1 - Denial of Service
by IeDb ir
EIP-2026-102408 EXPLOITDB text
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities
by Mehmet Ince
CVE-2014-8380 EXPLOITDB text
Splunk 6.1.1 - Cross-Site Scripting via HTTP Referer Header
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression.
by justpentest
EIP-2026-109667 EXPLOITDB text VERIFIED
My Link Trader 1.1 - Authentication Bypass
by Ihsan Sencan
EIP-2026-100032 EXPLOITDB text VERIFIED
Google Android max86902 Driver - 'sysfs' Interfaces Race Condition
by Google Security Research
CVE-2016-7201 EXPLOITDB HIGH text
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Type Confusion
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
by Brian Pak
CVSS 8.8
CVE-2016-7200 EXPLOITDB HIGH text
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
by Brian Pak
CVSS 8.8
CVE-2016-6283 EXPLOITDB MEDIUM text VERIFIED
Atlassian Confluence < 5.10.5 - Cross-Site Scripting via newFileName Parameter
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action.
by Jodson Santos
CVSS 6.1