Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-113301 EXPLOITDB text
WeBid 1.0.6 - SQL Injection
by Life Wasted
EIP-2026-112705 EXPLOITDB text VERIFIED
tinybrowser - 'type' Cross-Site Scripting
by MustLive
EIP-2026-112704 EXPLOITDB text VERIFIED
TinyBrowser - 'tinybrowser.php' Directory Listing
by MustLive
EIP-2026-112703 EXPLOITDB text VERIFIED
TinyBrowser - 'edit.php' Directory Listing
by MustLive
CVE-2012-6430 EXPLOITDB text VERIFIED
Open Solution Quick.Cms 5.0 and Quick.Cart 6.0 - Cross-Site Scripting via PATH_INFO to admin.php
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.
by High-Tech Bridge
CVE-2012-5190 EXPLOITDB CRITICAL text VERIFIED
Prizm Content Connect 5.1 - Code Injection
Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability
by Include Security Research
CVSS 9.8
EIP-2026-107209 EXPLOITDB text VERIFIED
Free Blog 1.0 - Multiple Vulnerabilities
by cr4wl3r
CVE-2012-6272 EXPLOITDB text VERIFIED
Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, 7.1.0.1 - Cross-Site Scripting via Topic Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic parameter to html/index_main.htm in (1) help/sm/en/Output/wwhelp/wwhimpl/js/, (2) help/sm/es/Output/wwhelp/wwhimpl/js/, (3) help/sm/ja/Output/wwhelp/wwhimpl/js/, (4) help/sm/de/Output/wwhelp/wwhimpl/js/, (5) help/sm/fr/Output/wwhelp/wwhimpl/js/, (6) help/sm/zh/Output/wwhelp/wwhimpl/js/, (7) help/hip/en/msgguide/wwhelp/wwhimpl/js/, or (8) help/hip/en/msgguide/wwhelp/wwhimpl/common/.
by Tenable NS
EIP-2026-103217 EXPLOITDB text VERIFIED
Schmid Watson Management Console - Directory Traversal
by Dhruv Shah
EIP-2026-102111 EXPLOITDB text
Watson Management Console 4.11.2.G - Directory Traversal
by Dhruv Shah
EIP-2026-113926 EXPLOITDB text VERIFIED
WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting
by Am!r
EIP-2026-109591 EXPLOITDB text VERIFIED
MotoCMS - 'admin/data/users.xml' Access Restriction / Information Disclosure
by AkaStep
EIP-2026-108376 EXPLOITDB text VERIFIED
Joomla! Component com_incapsula - Multiple Cross-Site Scripting Vulnerabilities
by Gjoko Krstic
EIP-2026-106619 EXPLOITDB text VERIFIED
E Sms Script - Multiple SQL Injections
by cr4wl3r
CVE-2013-2299 EXPLOITDB text
Advantech WebAccess < 7.1 - Authenticated Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
by SecPod Research
CVE-2013-0722 EXPLOITDB text
Ettercap 0.7.5.1- - Buffer Overflow
Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.
by Sajjad Pourali
EIP-2026-100065 EXPLOITDB text VERIFIED
Facebook for Android - 'LoginActivity' Information Disclosure
by Takeshi Terada
CVE-2013-0161 EXPLOITDB MEDIUM text VERIFIED
Havalite CMS 1.1.7 - Stored Cross-Site Scripting
Havalite CMS 1.1.7 has a stored XSS vulnerability
by Henri Salo
CVSS 5.4
CVE-2012-6493 EXPLOITDB text VERIFIED
Rapid7 Nexpose < 5.5.4 - Cross-Site Request Forgery via Site Deletion Request
Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
by Robert Gilbert
EIP-2026-110558 EXPLOITDB text VERIFIED
pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution
by Yann CAM
EIP-2026-119425 EXPLOITDB text VERIFIED
Simple Web Server 2.3-rc1 - Directory Traversal
by CwG GeNiuS
EIP-2026-112739 EXPLOITDB text VERIFIED
TomatoCart - 'json.php' Security Bypass
by Aung Khant
EIP-2026-109733 EXPLOITDB text VERIFIED
MyBB Profile Wii Friend Code - Multiple Vulnerabilities
by Ichi
EIP-2026-114149 EXPLOITDB text VERIFIED
WordPress Plugin Uploader - Arbitrary File Upload
by Sammy FORGIT
EIP-2026-101154 EXPLOITDB text
Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution
by dun