Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114356 EXPLOITDB text VERIFIED
WordPress Theme Toolbox - 'mls' SQL Injection
by Ashiyane Digital Security Team
CVE-2012-6312 EXPLOITDB text VERIFIED
Video Lead Form plugin for WordPress - Cross-Site Scripting via errMsg Parameter
Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form action to wp-admin/admin.php.
by Aditya Balapure
EIP-2026-104379 EXPLOITDB text
Oracle OpenSSO 8.0 - Multiple Cross-Site Scripting POST Injection Vulnerabilities
by LiquidWorm
EIP-2026-100324 EXPLOITDB text
FCKEditor Core ASP 2.6.8 - Arbitrary File Upload Protection Bypass
by Soroush Dalili
EIP-2026-119374 EXPLOITDB text
gleamtech filevista/fileultimate 4.6 - Directory Traversal
by Soroush Dalili
EIP-2026-105469 EXPLOITDB text VERIFIED
BigDump 0.29b and 0.32b - Multiple Vulnerabilities
by Ur0b0r0x
EIP-2026-114316 EXPLOITDB text VERIFIED
WordPress Theme CStar Design - 'id' SQL Injection
by Amirh03in
EIP-2026-114362 EXPLOITDB text VERIFIED
WordPress Theme Wp-ImageZoom - 'id' SQL Injection
by Amirh03in
EIP-2026-113540 EXPLOITDB text VERIFIED
WordPress Plugin Ads Box - 'count' SQL Injection
by Ashiyane Digital Security Team
EIP-2026-112243 EXPLOITDB text VERIFIED
SmartCMS - 'index.php?idx' SQL Injection
by NoGe
EIP-2026-111460 EXPLOITDB text VERIFIED
PRADO PHP Framework 3.2.0 - Arbitrary File Read
by LiquidWorm
EIP-2026-105664 EXPLOITDB text VERIFIED
BuyClassifiedScript - PHP Code Injection
by d3b4g
CVE-2012-4982 EXPLOITDB text VERIFIED
Forescout CounterACT <7.0 - Open Redirect
Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the a parameter.
by Joseph Sheridan
EIP-2026-103719 EXPLOITDB text
Websense Proxy - Filter Bypass
by Nahuel Grisolia
EIP-2026-108069 EXPLOITDB text VERIFIED
jBilling 3.0.2 - Cross-Site Scripting
by Woody Hughes
EIP-2026-106902 EXPLOITDB text VERIFIED
ES CmS 0.1 - SQL Injection
by hossein beizaee
EIP-2026-105430 EXPLOITDB text VERIFIED
Beat Websites - 'id' SQL Injection
by Metropolis
EIP-2026-103915 EXPLOITDB text VERIFIED
Greenstone - Multiple Vulnerabilities
by AkaStep
EIP-2026-114340 EXPLOITDB text VERIFIED
WordPress Theme Magazine Basic - 'id' SQL Injection
by Novin hack
EIP-2026-114294 EXPLOITDB text VERIFIED
WordPress Plugin Zingiri Web Shop - 'path' Arbitrary File Upload
by Ashiyane Digital Security Team
EIP-2026-114291 EXPLOITDB text VERIFIED
WordPress Plugin Zarzadzonie Kontem - 'ajaxfilemanager.php' Script Arbitrary File Upload
by Ashiyane Digital Security Team
EIP-2026-114186 EXPLOITDB text VERIFIED
WordPress Plugin Webplayer - 'id' SQL Injection
by Novin hack
EIP-2026-113969 EXPLOITDB text VERIFIED
WordPress Plugin Plg Novana - 'id' SQL Injection
by sil3nt
EIP-2026-119399 EXPLOITDB text
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-114866 EXPLOITDB text VERIFIED
Adobe Reader 10.1.4 - JP2KLib&CoolType Crash (PoC)
by coolkaveh