Text Exploits

31,337 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-5875 EXPLOITDB text
Fireflymediaserver Firefly Media Server - Denial of Service
Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP protocol version.
by High-Tech Bridge SA
CVE-2012-5874 EXPLOITDB text VERIFIED
Elite-board Elite Bulletin Board < 2.1.21 - SQL Injection
Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f) register.php, (g) Search.php, (h) viewboard.php, or (i) viewtopic.php.
by High-Tech Bridge SA
CVE-2012-5244 EXPLOITDB text VERIFIED
Banana Dance B.- SQL Injection
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to functions/print.php; or (7) the name parameter to functions/ajax.php.
by High-Tech Bridge SA
EIP-2026-102131 EXPLOITDB text
YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities
by xistence
EIP-2026-100541 EXPLOITDB text VERIFIED
SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload
by 040
EIP-2026-115147 EXPLOITDB text VERIFIED
DIMIN Viewer 5.4.0 - GIF Decode Crash (PoC)
by Lizhi Wang
EIP-2026-114313 EXPLOITDB text VERIFIED
WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload
by DigiP
EIP-2026-108612 EXPLOITDB text VERIFIED
Joomla! Component com_ztautolink - 'Controller' Local File Inclusion
by Xr0b0t
EIP-2026-108282 EXPLOITDB text VERIFIED
Joomla! Component com_bit - 'Controller' Local File Inclusion
by Xr0b0t
EIP-2026-102018 EXPLOITDB text
SonicWALL SonicOS 5.8.1.8 WAF - Cross-Site Scripting
by Vulnerability-Lab
EIP-2026-101716 EXPLOITDB text
Enterpriser16 Load Balancer 7.1 - Multiple Cross-Site Scripting Vulnerabilities
by Vulnerability-Lab
EIP-2026-114863 EXPLOITDB text VERIFIED
Adobe Flash Player 11.5.502.135 - Crash (PoC)
by coolkaveh
EIP-2026-109737 EXPLOITDB text VERIFIED
MyBB Transactions Plugin - 'transaction' SQL Injection
by limb0
EIP-2026-114013 EXPLOITDB text VERIFIED
WordPress Plugin RokBox Plugin - '/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf?abouttext' Cross-Site Scripting
by MustLive
EIP-2026-109739 EXPLOITDB text VERIFIED
MyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-Site Scripting
by limb0
EIP-2026-102749 EXPLOITDB text VERIFIED
Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption
by coolkaveh
EIP-2026-112303 EXPLOITDB text VERIFIED
Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting
by s3m00t
CVE-2012-5469 EXPLOITDB text VERIFIED
Portable phpMyAdmin <1.3.1 - Auth Bypass
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
by Mark Stanislav
EIP-2026-110636 EXPLOITDB text VERIFIED
PHP Address Book - 'group' Cross-Site Scripting
by Kenneth F. Belva
EIP-2026-109813 EXPLOITDB text
MyYoutube MyBB Plugin 1.0 - SQL Injection
by Zixem
EIP-2026-109712 EXPLOITDB text
MyBB DyMy User Agent Plugin - 'newreply.php' SQL Injection
by JoinSe7en
EIP-2026-109706 EXPLOITDB text VERIFIED
MyBB AJAX Chat - Persistent Cross-Site Scripting
by Mr. P-teo
EIP-2026-107029 EXPLOITDB text VERIFIED
Facebook Profile MyBB Plugin 2.4 - Persistent Cross-Site Scripting
by limb0
EIP-2026-102411 EXPLOITDB text VERIFIED
N-able N-central - Cross-Site Request Forgery
by Cartel
CVE-2012-6007 EXPLOITDB text
Cisco Wireless Lan Controller Software - XSS
Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
by Jacob Holcomb
By Source
All 31,337 Writeup 60,210 Exploitdb 50,000 Nomisec 21,750 Metasploit 3,220 Github 2,593 Vulncheck_xdb 905 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,970 ruby 5,909 c 3,567 perl 2,849 html 2,053 php 1,326 bash 460 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24