Text Exploits

31,337 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-115126 EXPLOITDB text VERIFIED
Cyme ChartFX Client Server - ActiveX Control Array Indexing
by Francis Provencher
CVE-2012-4902 EXPLOITDB text
Template CMS <2.1.1 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduct static PHP code injection attacks via the themes_editor parameter in an edit_template action to admin/index.php.
by High-Tech Bridge SA
EIP-2026-111153 EXPLOITDB text VERIFIED
phpMyChat Plus 1.94 RC1 - Multiple Vulnerabilities
by L0n3ly-H34rT
EIP-2026-111146 EXPLOITDB text VERIFIED
phpMyBitTorrent 2.04 - Multiple Vulnerabilities
by waraxe
EIP-2026-114081 EXPLOITDB text VERIFIED
WordPress Plugin spider Calendar - Multiple Vulnerabilities
by D4NB4R
EIP-2026-110035 EXPLOITDB text
Omnistar Mailer 7.2 - Multiple Vulnerabilities
by Vulnerability-Lab
CVE-2012-10037 EXPLOITDB CRITICAL text VERIFIED
PhpTax 0.8 - RCE
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required.
by Jean Pascal Pereira
EIP-2026-114603 EXPLOITDB text VERIFIED
ZenPhoto - 'admin-news-articles.php' Cross-Site Scripting
by Scott Herbert
EIP-2026-112515 EXPLOITDB text VERIFIED
Switchvox - Multiple HTML Injection Vulnerabilities
by Ibrahim El-Sayed
EIP-2026-103005 EXPLOITDB text
soapbox 0.3.1 - Local Privilege Escalation
by Jean Pascal Pereira
EIP-2026-115282 EXPLOITDB text VERIFIED
Foxit Reader 5.4.3.0920 - Crash (PoC)
by coolkaveh
EIP-2026-110033 EXPLOITDB text VERIFIED
Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities
by Vulnerability Laboratory
EIP-2026-105066 EXPLOITDB text VERIFIED
AlamFifa CMS - 'user_name_cookie' SQL Injection
by L0n3ly-H34rT
EIP-2026-103936 EXPLOITDB text VERIFIED
IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities
by MustLive
EIP-2026-117912 EXPLOITDB text
Smartfren Connex EC 1261-2 UI OUC - Local Privilege Escalation
by X-Cisadane
CVE-2012-4051 EXPLOITDB text
Jamf Casper Suite < 8.6 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite before 8.61 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts or (2) change passwords via a Save action.
by Jacob Holcomb
EIP-2026-113521 EXPLOITDB text VERIFIED
WordPress Plugin ABC Test - 'id' Cross-Site Scripting
by Scott Herbert
EIP-2026-113064 EXPLOITDB text
ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusions
by L0n3ly-H34rT
EIP-2026-103251 EXPLOITDB text VERIFIED
YingZhiPython - Directory Traversal / Arbitrary File Upload
by Larry Cashdollar
CVE-2011-1613 EXPLOITDB text
Cisco Wireless LAN Controller <6.0.200.0-7.0.112.0 - DoS
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426.
by Daniel Smith
EIP-2026-114120 EXPLOITDB text VERIFIED
WordPress Plugin Token Manager - 'tid' Cross-Site Scripting
by TheCyberNuxbie
EIP-2026-113063 EXPLOITDB text
ViArt Shop Enterprise 4.1 - Arbitrary Command Execution
by LiquidWorm
EIP-2026-100942 EXPLOITDB text VERIFIED
ZEN Load Balancer - Multiple Vulnerabilities
by Brendan Coles
EIP-2026-114514 EXPLOITDB text VERIFIED
YCommerce - Multiple SQL Injections
by Ricardo Almeida
CVE-2012-4242 EXPLOITDB text VERIFIED
MF Gig Calendar - XSS
Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.
by Chris Cooper
By Source
All 31,337 Writeup 60,223 Exploitdb 50,000 Nomisec 21,767 Metasploit 3,222 Github 2,593 Vulncheck_xdb 906 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,970 ruby 5,911 c 3,567 perl 2,849 html 2,053 php 1,326 bash 460 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24