Text Exploits

31,337 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-6058 EXPLOITDB text
Apprain < 3.0.2 - SQL Injection
SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
by High-Tech Bridge SA
CVE-2013-4985 EXPLOITDB HIGH text VERIFIED
Vivotek IP Cameras - Auth Bypass
Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream
by Core Security
CVSS 7.5
CVE-2013-5220 EXPLOITDB text
HOT HOTBOX <2.1.11 - DoS
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data.
by Oz Elisyan
EIP-2026-100516 EXPLOITDB text VERIFIED
RASPcalendar 1.01 (ASP) - Admin Login
by Hackeri-AL UAH-Crew
EIP-2026-109449 EXPLOITDB text
Microweber 0.905 - Error-Based SQL Injection
by Zy0d0x
CVE-2013-6357 EXPLOITDB text
Apache Tomcat < 5.5.25 - CSRF
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI. NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator.
by Ivano Binetti
EIP-2026-104405 EXPLOITDB text
Practico 13.9 - Multiple Vulnerabilities
by LiquidWorm
EIP-2026-114354 EXPLOITDB text
WordPress Theme Think Responsive 1.0 - Arbitrary File Upload
by Byakuya Kouta
EIP-2026-114352 EXPLOITDB text VERIFIED
WordPress Theme Switchblade 1.3 - Arbitrary File Upload
by Byakuya Kouta
EIP-2026-110528 EXPLOITDB text VERIFIED
pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-107814 EXPLOITDB text
ImpressPages CMS 3.6 - Arbitrary File Deletion
by LiquidWorm
EIP-2026-107813 EXPLOITDB text
ImpressPages CMS 3.6 - 'manage()' Remote Code Execution
by LiquidWorm
CVE-2013-5694 EXPLOITDB text
Opsview < 4.4 - SQL Injection
SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the service_selection parameter.
by J. Oquendo
EIP-2026-107815 EXPLOITDB text
ImpressPages CMS 3.6 - Multiple Cross-Site Scripting / SQL Injection Vulnerabilities
by LiquidWorm
EIP-2026-102091 EXPLOITDB text
Unicorn Router WB-3300NR - Cross-Site Request Forgery (Factory Reset/DNS Change)
by absane
CVE-2013-6793 EXPLOITDB text VERIFIED
Olat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allow remote attackers to inject arbitrary web script or HTML via the (1) event name or (2) date field.
by Vulnerability-Lab
EIP-2026-119454 EXPLOITDB text VERIFIED
XAMPP for Windows 1.8.2 - Blind SQL Injection
by Sebastián Magof
CVE-2013-6794 EXPLOITDB text VERIFIED
Olat - XSS
Cross-site scripting (XSS) vulnerability in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Vulnerability-Lab
EIP-2026-107783 EXPLOITDB text
ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-107517 EXPLOITDB text
GTX CMS 2013 Optima - SQL Injection
by Vulnerability-Lab
CVE-2013-6236 EXPLOITDB CRITICAL text
Izoncam Izon IP Firmware - Hard-coded Credentials
IZON IP 2.0.2: hard-coded password vulnerability
by Mark Stanislav
CVSS 9.8
EIP-2026-110753 EXPLOITDB text VERIFIED
PHP RSS Reader 2010 - SQL Injection
by mishal abdullah
EIP-2026-110208 EXPLOITDB text
Onpub CMS 1.4/1.5 - Multiple SQL Injections
by Vulnerability-Lab
EIP-2026-114317 EXPLOITDB text
WordPress Theme Curvo - Cross-Site Request Forgery / Arbitrary File Upload
by Byakuya Kouta
CVE-2013-4474 EXPLOITDB text VERIFIED
Canonical Ubuntu Linux < 0.24.1 - Improper Input Validation
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
by Daniel Kahn Gillmor
By Source
All 31,337 Writeup 60,172 Exploitdb 49,996 Nomisec 21,708 Metasploit 3,219 Github 2,564 Vulncheck_xdb 905 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,940 ruby 5,908 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24