Text Exploits

31,337 exploits tracked across all sources.

Sort: Activity Stars

EIP-2026-104387 EXPLOITDB text

OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities

by Vulnerability-Lab

View

EIP-2026-102319 EXPLOITDB text

Wireless Photo Transfer 3.0 iOS - Local File Inclusion

by Vulnerability-Lab

View

CVE-2005-1642 EXPLOITDB text

Woltlab Burning Board - SQL Injection

SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable.

by GulfTech Security

View

EIP-2026-113599 EXPLOITDB text

WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities

by i0akiN SEC-LABORATORY

View

EIP-2026-111017 EXPLOITDB text VERIFIED

PHPCollab 2.5 - 'deletetopics.php' SQL Injection

by Wadeek

View

EIP-2026-113445 EXPLOITDB text

Wing FTP Server Admin 4.4.5 - Cross-Site Request Forgery (Add User)

by hyp3rlinx

View

EIP-2026-112402 EXPLOITDB text

SQLBuddy 1.3.3 - Directory Traversal

by hyp3rlinx

View

EIP-2026-111354 EXPLOITDB text VERIFIED

Pluck CMS 4.7 - Directory Traversal

by Wadeek

View

EIP-2026-106788 EXPLOITDB text

eFront 3.6.15 - PHP Object Injection

by Filippo Roncari

View

EIP-2026-106787 EXPLOITDB text

eFront 3.6.15 - Multiple SQL Injections

by Filippo Roncari

View

EIP-2026-106786 EXPLOITDB text

eFront 3.6.15 - Directory Traversal

by Filippo Roncari

View

EIP-2026-102136 EXPLOITDB text

ZTE F660 - Remote Configuration Download

by Daniel Cisa

View

EIP-2026-119392 EXPLOITDB text

Manage Engine Asset Explorer 6.1.0 Build: 6110 - Cross-Site Request Forgery

by Kaustubh G. Padwad

View

CVE-2015-3141 EXPLOITDB text

Synametrics Technologies Xeams <4.5 Build 5755 - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies Xeams 4.5 Build 5755 and earlier allow remote attackers to hijack the authentication of administrators for requests that create an (1) SMTP domain or a (2) user via a request to /FrontController; or conduct cross-site scripting (XSS) attacks via the (3) domainname parameter to /FrontController, when creating a new SMTP domain configuration; the (4) txtRecipient parameter to /FrontController, when creating a new forwarder; the (5) popFetchServer, (6) popFetchUser, or (7) popFetchRecipient parameter to /FrontController, when creating a new POP3 Fetcher account; or the (8) Smtp HELO domain in the Advanced Server Configuration.

by Marlow Tannhauser

View

EIP-2026-114285 EXPLOITDB text

WordPress Plugin Yet Another Related Posts 4.2.4 - Cross-Site Request Forgery

by Evex

View

EIP-2026-114144 EXPLOITDB text

WordPress Plugin Ultimate Profile Builder 2.3.3 - Cross-Site Request Forgery

by Kaustubh G. Padwad

View

EIP-2026-113918 EXPLOITDB text VERIFIED

WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion

by T3N38R15

View

EIP-2026-113630 EXPLOITDB text

WordPress Plugin ClickBank Ads 1.7 - Cross-Site Request Forgery

by Kaustubh G. Padwad

View

EIP-2026-113529 EXPLOITDB text VERIFIED

WordPress Plugin Ad Inserter 1.5.2 - Cross-Site Request Forgery

by Kaustubh G. Padwad

View

CVE-2015-3140 EXPLOITDB HIGH text

Synametrics Technologies - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

by Marlow Tannhauser

CVSS 8.8

View

CVE-2015-3140 EXPLOITDB HIGH text

Synametrics Technologies - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

by Marlow Tannhauser

CVSS 8.8

View

CVE-2015-3140 EXPLOITDB HIGH text

Synametrics Technologies - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

by Marlow Tannhauser

CVSS 8.8

View

EIP-2026-103259 EXPLOITDB text VERIFIED

Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities

by Peter Lapp

View

CVE-2015-9496 EXPLOITDB HIGH text

Freshmail-newsletter < 1.6 - SQL Injection

The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.

by Felipe Molina

CVSS 8.8

View

CVE-2014-0910 EXPLOITDB text

IBM Websphere Portal - XSS

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, and 7.0.0 through 7.0.0.2 CF28 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

by Filippo Roncari

View

By Source

All 31,337

By Language

text 31,337