Text Exploits

31,330 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-101230 EXPLOITDB text
D-Link DIR-645 - Multiple UPNP Vulnerabilities
by Samuel Huntley
EIP-2026-101228 EXPLOITDB text
D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities
by Samuel Huntley
EIP-2026-101226 EXPLOITDB text
D-Link DIR-601 - Command Injection
by Samuel Huntley
EIP-2026-101223 EXPLOITDB text
D-Link DGL5500 - HNAP Buffer Overflow
by Samuel Huntley
EIP-2026-105365 EXPLOITDB text
b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection
by hyp3rlinx
EIP-2026-111657 EXPLOITDB text
R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities
by LiquidWorm
CVE-2015-9316 EXPLOITDB CRITICAL text
Wpfastestcache WP Fastest Cache < 0.8.4.9 - SQL Injection
The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter.
by Kacper Szurek
CVSS 9.8
EIP-2026-114527 EXPLOITDB text VERIFIED
YesWiki 0.2 - 'template' Directory Traversal
by HaHwul
EIP-2026-101311 EXPLOITDB text
Huawei HG630a / HG630a-50 - Default SSH Admin Password on ADSL Modems
by Murat Sahin
EIP-2026-112607 EXPLOITDB text
TestLink 1.9.14 - Cross-Site Request Forgery
by Aravind C Ajayan_ Balagopal N
EIP-2026-103473 EXPLOITDB text VERIFIED
FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Out-of-Bounds Read
by Google Security Research
EIP-2026-107460 EXPLOITDB text
Google AdWords API PHP client library 6.2.0 - Arbitrary PHP Code Execution
by Dawid Golunski
EIP-2026-107459 EXPLOITDB text
Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection
by Dawid Golunski
EIP-2026-106744 EXPLOITDB text
eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Code Execution / Denial of Service)
by Dawid Golunski
EIP-2026-119159 EXPLOITDB text
SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution
by Chris Graham
EIP-2026-113913 EXPLOITDB text VERIFIED
WordPress Plugin My Calendar 2.4.10 - Multiple Vulnerabilities
by Mysticism
EIP-2026-102514 EXPLOITDB text
NXFilter 3.0.3 - Multiple Cross-Site Scripting Vulnerabilities
by hyp3rlinx
EIP-2026-102513 EXPLOITDB text
NXFilter 3.0.3 - Cross-Site Request Forgery
by hyp3rlinx
CVE-2015-7808 EXPLOITDB text VERIFIED
vBulletin 5 Connect <5.1.9 - Code Injection
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.
by hhjj
EIP-2026-102595 EXPLOITDB text VERIFIED
FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Out-of-Bounds Reads
by Google Security Research
EIP-2026-116112 EXPLOITDB text
Python 3.3 < 3.5 - 'product_setstate()' Out-of-Bounds Read
by John Leitch
EIP-2026-116111 EXPLOITDB text
Python 2.7 hotshot Module - 'pack_string' Heap Buffer Overflow (PoC)
by John Leitch
EIP-2026-116110 EXPLOITDB text
Python 2.7 - 'strop.replace()' Method Integer Overflow
by John Leitch
EIP-2026-103642 EXPLOITDB text
Python 2.7 - 'array.fromstring' Method Use-After-Free
by John Leitch
CVE-2015-7898 EXPLOITDB MEDIUM text VERIFIED
Samsung Galaxy S6 - DoS
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
by Google Security Research
CVSS 5.5
By Source
All 31,330 Writeup 59,943 Exploitdb 49,989 Nomisec 21,563 Metasploit 3,218 Github 2,550 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,932 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24