Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103963 EXPLOITDB text VERIFIED
Laravel - 'Hash::make()' Password Truncation Security
by Pichaya Morimoto
EIP-2026-102303 EXPLOITDB text
USB&WiFi Flash Drive 1.3 iOS - Code Execution
by Vulnerability-Lab
EIP-2026-102139 EXPLOITDB text
ZTE ZXDSL-931VII - Configuration Dump
by L0ukanik0-s S0kniaku0l
CVE-2014-6287 EXPLOITDB CRITICAL text VERIFIED
Rejetto HTTP File Server <2.3c - RCE
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
by Daniele Linguaglossa
CVSS 9.8
CVE-2014-4865 EXPLOITDB text
CacheGuard OS 5.7.7 - Cross-Site Request Forgery in Password Admin Interface
Cross-site request forgery (CSRF) vulnerability in gui/password-wadmin.apl in CacheGuard OS 5.7.7 allows remote attackers to hijack the authentication of arbitrary users.
by William Costa
EIP-2026-102219 EXPLOITDB text
Briefcase 4.0 iOS - Code Execution / File Inclusion
by Vulnerability-Lab
EIP-2026-114197 EXPLOITDB text VERIFIED
WordPress Plugin Wordfence Security - Multiple Vulnerabilities
by Voxel@Night
EIP-2026-118257 EXPLOITDB text
Ammyy Admin 3.5 - Remote Code Execution (Metasploit)
by scriptjunkie
EIP-2026-116984 EXPLOITDB text
Comodo Internet Security - HIPS/Sandbox Escape
by Joxean Koret
EIP-2026-108352 EXPLOITDB text
Joomla! Component com_formmaker 3.4 - SQL Injection
by Claudio Viviani
EIP-2026-107178 EXPLOITDB text VERIFIED
Food Order Portal - 'admin_user_delete.php' Cross-Site Request Forgery
by KnocKout
EIP-2026-110345 EXPLOITDB text
OroCRM - Persistent Cross-Site Scripting
by Provensec
EIP-2026-102279 EXPLOITDB text
Photorange 1.0 iOS - Local File Inclusion
by Vulnerability-Lab
EIP-2026-102221 EXPLOITDB text
ChatSecure IM 2.2.4 iOS - Persistent Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-114237 EXPLOITDB text VERIFIED
WordPress Plugin WP Support Plus Responsive Ticket System 2.0 - Multiple Vulnerabilities
by Fikri Fadzil
EIP-2026-110476 EXPLOITDB text
Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities
by alieye
EIP-2026-100005 EXPLOITDB text
PHP Stock Management System 1.02 - Multiple Vulnerabilities
by jsass
CVE-2014-2008 EXPLOITDB text
mpay24 < 1.6 - SQL Injection via TID Parameter
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
by Wireghoul
EIP-2026-114598 EXPLOITDB text
Zen Cart 1.5.3 - Multiple Vulnerabilities
by smash
EIP-2026-114359 EXPLOITDB text VERIFIED
WordPress Theme Urban City - 'download.php' Arbitrary File Download
by Ashiyane Digital Security Team
EIP-2026-114325 EXPLOITDB text VERIFIED
WordPress Theme Epic - 'download.php' Arbitrary File Download
by Ashiyane Digital Security Team
EIP-2026-114308 EXPLOITDB text VERIFIED
WordPress Theme Authentic - 'download.php' Arbitrary File Download
by Ashiyane Digital Security Team
EIP-2026-114305 EXPLOITDB text VERIFIED
WordPress Theme Antioch - 'download.php' Arbitrary File Download
by Ashiyane Digital Security Team
EIP-2026-114302 EXPLOITDB text
WordPress Theme Acento - 'view-pdf.php?File' Arbitrary File Download
by alieye
EIP-2026-114283 EXPLOITDB text VERIFIED
WordPress Plugin Xhanch My Twitter - Cross-Site Request Forgery
by Voxel@Night