Text Exploits

31,337 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-1469 EXPLOITDB text VERIFIED
Piwigo < 2.4.6 - Path Traversal
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter.
by LiquidWorm
EIP-2026-105865 EXPLOITDB text VERIFIED
CKEditor - 'posteddata.php' Cross-Site Scripting
by AkaStep
CVE-2013-10060 EXPLOITDB HIGH text
Netgear router <1.0.0.36 - Command Injection
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
by m-1-k-3
CVSS 7.2
EIP-2026-118250 EXPLOITDB text VERIFIED
Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery
by QSecure
EIP-2026-111955 EXPLOITDB text
Scripts Genie Pet Rate Pro - Multiple Vulnerabilities
by TheMirkin
EIP-2026-111954 EXPLOITDB text VERIFIED
Scripts Genie Hot Scripts Clone - 'showcategory.php?cid' SQL Injection
by Easy Laster
EIP-2026-106075 EXPLOITDB text
Cometchat Application - Multiple Vulnerabilities
by z3r0sPlOiT
EIP-2026-102094 EXPLOITDB text
USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-100434 EXPLOITDB text VERIFIED
MIMEsweeper For SMTP - Multiple Cross-Site Scripting Vulnerabilities
by Anastasios Monachos
CVE-2013-1592 EXPLOITDB CRITICAL text VERIFIED
SAP Netweaver - Buffer Overflow
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.
by Core Security
CVSS 9.8
EIP-2026-111956 EXPLOITDB text VERIFIED
Scripts Genie Top Sites - 'out.php?id' SQL Injection
by 3spi0n
EIP-2026-111953 EXPLOITDB text VERIFIED
Scripts Genie Games Site Script - 'index.php?id' SQL Injection
by 3spi0n
EIP-2026-111952 EXPLOITDB text VERIFIED
Scripts Genie Gallery Personals - 'gallery.php?L' SQL Injection
by 3spi0n
EIP-2026-111951 EXPLOITDB text VERIFIED
Scripts Genie Domain Trader - 'catalog.php?id' SQL Injection
by 3spi0n
EIP-2026-106073 EXPLOITDB text VERIFIED
Cometchat - Multiple Vulnerabilities
by B127Y
EIP-2026-105828 EXPLOITDB text VERIFIED
ChillyCMS 1.3.0 - Multiple Vulnerabilities
by Abhi M Balakrishnan
CVE-2012-6276 EXPLOITDB text
Tp-link Tl-wr841n Firmware - Path Traversal
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
by m-1-k-3
EIP-2026-101689 EXPLOITDB text
Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities
by m-1-k-3
CVE-2013-10049 EXPLOITDB CRITICAL text
Raidsonic NAS - Command Injection
An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.
by m-1-k-3
EIP-2026-119435 EXPLOITDB text
SonicWALL Scrutinizer 9.5.2 - SQL Injection
by Vulnerability-Lab
EIP-2026-119434 EXPLOITDB text
SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities
by Vulnerability-Lab
CVE-2013-0291 EXPLOITDB HIGH text VERIFIED
Imagely Nextgen Gallery - Information Disclosure
NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability
by Henrique Montenegro
CVSS 7.5
EIP-2026-112889 EXPLOITDB text VERIFIED
Ultra Light Forum - Persistent Cross-Site Scripting
by cr4wl3r
EIP-2026-102079 EXPLOITDB text
Transferable Remote 1.1 iPad iPhone - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-101905 EXPLOITDB text
OpenPLI 3.0 Beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities
by m-1-k-3
By Source
All 31,337 Writeup 60,208 Exploitdb 50,000 Nomisec 21,744 Metasploit 3,219 Github 2,593 Vulncheck_xdb 905 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,970 ruby 5,908 c 3,567 perl 2,849 html 2,053 php 1,326 bash 460 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24