Text Exploits

31,330 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104339 EXPLOITDB text
MiCollab 7.0 - SQL Injection
by Goran Tuzovic
CVE-2016-1757 EXPLOITDB HIGH text VERIFIED
Apple iOS <9.3 & OS X <10.11.4 - RCE
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
by Google Security Research
CVSS 7.0
EIP-2026-103735 EXPLOITDB text VERIFIED
Wireshark - dissect_ber_integer Static Out-of-Bounds Write
by Google Security Research
EIP-2026-113889 EXPLOITDB text VERIFIED
WordPress Plugin Memphis Document Library 3.1.5 - Arbitrary File Download
by Felipe Molina
EIP-2026-113805 EXPLOITDB text VERIFIED
WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download
by CrashBandicot
EIP-2026-113682 EXPLOITDB text
WordPress Plugin Dharma Booking 2.38.3 - Remote File Inclusion
by AMAR^SHG
EIP-2026-113606 EXPLOITDB text
WordPress Plugin Brandfolder 3.0 - Local/Remote File Inclusion
by AMAR^SHG
EIP-2026-108631 EXPLOITDB text VERIFIED
Joomla! Component Easy Youtube Gallery 1.0.2 - SQL Injection
by Persian Hack Team
EIP-2026-114466 EXPLOITDB text
XOOPS 2.5.7.2 - Directory Traversal Bypass
by hyp3rlinx
EIP-2026-114465 EXPLOITDB text
Xoops 2.5.7.2 - Cross-Site Request Forgery (Arbitrary User Deletions)
by hyp3rlinx
EIP-2026-113827 EXPLOITDB text
WordPress Plugin Import CSV 1.0 - Directory Traversal
by Wadeek
EIP-2026-113822 EXPLOITDB text
WordPress Plugin Image Export 1.1.0 - Arbitrary File Disclosure
by AMAR^SHG
EIP-2026-113713 EXPLOITDB text VERIFIED
WordPress Plugin eBook Download 1.1 - Directory Traversal
by Wadeek
EIP-2026-113522 EXPLOITDB text
WordPress Plugin Abtest - Local File Inclusion
by CrashBandicot
EIP-2026-111540 EXPLOITDB text
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities
by Michael Helwig
EIP-2026-108022 EXPLOITDB text VERIFIED
iTop 2.2.1 - Cross-Site Request Forgery
by High-Tech Bridge SA
EIP-2026-106464 EXPLOITDB text
Disc ORGanizer (DORG) - Multiple Vulnerabilities
by SECUPENT
EIP-2026-106366 EXPLOITDB text
Dating Pro Genie 2015.7 - Cross-Site Request Forgery
by High-Tech Bridge SA
EIP-2026-101652 EXPLOITDB text
D-Link DWR-932 Firmware 4.00 - Authentication Bypass
by Saeed reza Zamanian
CVE-2016-0793 EXPLOITDB HIGH text VERIFIED
WildFly <10.0.0.Final - Info Disclosure
Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the (1) WEB-INF or (2) META-INF directory via a request that contains (a) lowercase or (b) "meaningless" characters.
by Tal Solomon of Palantir Security
CVSS 7.5
EIP-2026-114610 EXPLOITDB text VERIFIED
ZenPhoto 1.4.11 - Remote File Inclusion
by Curesec Research Team
EIP-2026-111288 EXPLOITDB text
PivotX 2.3.11 - Directory Traversal
by Curesec Research Team
CVE-2016-11017 EXPLOITDB CRITICAL text
Akips Network Monitor < 16.5 - OS Command Injection
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.
by BrianWGray
CVSS 9.8
EIP-2026-115936 EXPLOITDB text
Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow
by LiquidWorm
EIP-2026-109568 EXPLOITDB text
Monstra CMS 3.0.3 - Multiple Vulnerabilities
by Sarim Kiani
By Source
All 31,330 Writeup 59,917 Exploitdb 49,989 Nomisec 21,538 Metasploit 3,218 Github 2,548 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,930 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24