Text Exploits

31,337 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114611 EXPLOITDB text VERIFIED
ZenPhoto 1.4.3.3 - Multiple Vulnerabilities
by waraxe
CVE-2012-4951 EXPLOITDB text VERIFIED
VeriFone VeriCentre Web Console <2.2.36 - SQL Injection
Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
by Cory Eubanks
CVE-2012-5685 EXPLOITDB text VERIFIED
ZPanel <10.0.1 - SQL Injection
SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the inEmailAddress parameter in an UpdateClient action in the manage_clients module to the default URI.
by pcsjj
CVE-2012-5684 EXPLOITDB text VERIFIED
ZPanel <10.0.1 - XSS
Cross-site scripting (XSS) vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the inFullname parameter in an UpdateAccountSettings action in the my_account module to zpanel/.
by pcsjj
CVE-2012-5683 EXPLOITDB text VERIFIED
ZPanel 10.0.1- - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create new FTP users via a CreateFTP action in the ftp_management module to the default URI, (2) conduct cross-site scripting (XSS) attacks via the inFullname parameter in an UpdateAccountSettings action in the my_account module to zpanel/, or (3) conduct SQL injection attacks via the inEmailAddress parameter in an UpdateClient action in the manage_clients module to the default URI.
by pcsjj
CVE-2012-5686 EXPLOITDB CRITICAL text VERIFIED
ZPanel 10.0.1 - Info Disclosure
ZPanel 10.0.1 has insufficient entropy for its password reset process.
by pcsjj
CVSS 9.8
EIP-2026-104084 EXPLOITDB text VERIFIED
Sophos Products - Multiple Vulnerabilities
by Tavis Ormandy
EIP-2026-101584 EXPLOITDB text
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities
by Procheckup
EIP-2026-117988 EXPLOITDB text VERIFIED
Sysax FTP Automation Server 5.33 - Local Privilege Escalation
by Craig Freyman
EIP-2026-115520 EXPLOITDB text VERIFIED
KMPlayer 3.3.0.33 - Multiple Vulnerabilities
by Mr.XHat
EIP-2026-114867 EXPLOITDB text VERIFIED
Adobe Reader 11.0.0 - Stack Overflow Crash (PoC)
by coolkaveh
EIP-2026-114082 EXPLOITDB text VERIFIED
WordPress Plugin Spider Catalog 1.1 - HTML Code Injection / Cross-Site Scripting
by D4NB4R
EIP-2026-105332 EXPLOITDB text VERIFIED
AWAuctionScript CMS - Multiple Remote Vulnerabilities
by X-Cisadane
EIP-2026-108822 EXPLOITDB text VERIFIED
Joomla! Component Parcoauto - 'idVeicolo' SQL Injection
by Andrea Bocchetti
CVE-2012-6653 EXPLOITDB text VERIFIED
All Video Gallery <1.2.0 - Info Disclosure
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin before 1.2.0 for WordPress has unspecified impact and attack vectors.
by Ashiyane Digital Security Team
EIP-2026-113019 EXPLOITDB text VERIFIED
vBulletin ChangUonDyU Advanced Statistics - SQL Injection
by Juno_okyo
EIP-2026-111497 EXPLOITDB text
PrestaShop 1.5.1 - Persistent Cross-Site Scripting
by David Sopas
EIP-2026-106380 EXPLOITDB text VERIFIED
DCForum - 'auth_user_file.txt' File Multiple Information Disclosure Vulnerabilities
by r45c4l
EIP-2026-104914 EXPLOITDB text
Achievo 1.4.5 - Multiple Vulnerabilities (1)
by Canberk BOLAT
CVE-2012-5409 EXPLOITDB text
Siemens SiPass MP2.6 - RCE
AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently execute arbitrary code via crafted messages, as demonstrated by an arbitrary pointer dereference attack or a buffer overflow attack.
by Lucas Apa
EIP-2026-116165 EXPLOITDB text VERIFIED
RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC)
by coolkaveh
EIP-2026-113590 EXPLOITDB text VERIFIED
WordPress Plugin bbPress - Multiple Vulnerabilities
by Dark-Puzzle
EIP-2026-109714 EXPLOITDB text
MyBB Follower User Plugin - SQL Injection
by Zixem
EIP-2026-108866 EXPLOITDB text VERIFIED
Joomla! Component Spider Catalog 1.1 - 'Product_ID' SQL Injection
by D4NB4R
EIP-2026-106877 EXPLOITDB text
Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by CYBSEC Labs
By Source
All 31,337 Writeup 60,223 Exploitdb 50,000 Nomisec 21,761 Metasploit 3,221 Github 2,593 Vulncheck_xdb 906 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,970 ruby 5,910 c 3,567 perl 2,849 html 2,053 php 1,326 bash 460 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24