Exploitdb Exploits

31,339 exploits tracked across all sources.

EIP-2026-108813 EXPLOITDB text VERIFIED
Joomla! Component Odudeprofile 2.8 - 'profession' SQL Injection
by Daniel Barragan
EIP-2026-113772 EXPLOITDB text VERIFIED
WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary '.PHP' File Upload
by Chris Kellum
EIP-2026-111185 EXPLOITDB text VERIFIED
phpProfiles - Multiple Vulnerabilities
by L0n3ly-H34rT
CVE-2012-2956 EXPLOITDB text VERIFIED
SpiceWorks 5.3.75941 - SQL Injection
SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to api_v2.json. NOTE: this entry was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6658 is for the XSS.
by dookie
CVE-2012-6658 EXPLOITDB text VERIFIED
Spiceworks - XSS
Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks 5.3.75941 allow remote attackers to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName configuration in snmpd.conf. NOTE: this entry was SPLIT from CVE-2012-2956 per ADT2 due to different vulnerability types.
by dookie
CVE-2012-2961 EXPLOITDB text VERIFIED
Symantec Web Gateway <5.0.3.18 - SQL Injection
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
by muts
EIP-2026-109801 EXPLOITDB text
MySQL Squid Access Report 2.1.4 - HTML Injection
by Daniel Godoy
EIP-2026-103261 EXPLOITDB text VERIFIED
Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure
by Ciph3r
CVE-2012-2570 EXPLOITDB text VERIFIED
X-Cart Gold 4.5 - XSS
Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 allows remote attackers to inject arbitrary web script or HTML via the symb parameter.
by muts
CVE-2012-2570 EXPLOITDB text VERIFIED
X-Cart Gold 4.5 - XSS
Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 allows remote attackers to inject arbitrary web script or HTML via the symb parameter.
by Am!r
EIP-2026-116060 EXPLOITDB text
PHP 6.0 - 'openssl_verify()' Local Buffer Overflow (PoC)
by Yakir Wizman
EIP-2026-116028 EXPLOITDB text
Oxide WebServer 2.0.4 - Denial of Service
by SecPod Research
CVE-2012-1769 EXPLOITDB text VERIFIED
Oracle Outside In Technology - DoS
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
by Francis Provencher
CVE-2012-1770 EXPLOITDB text VERIFIED
Oracle Outside In Technology - DoS
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
by Francis Provencher
CVE-2012-1744 EXPLOITDB text VERIFIED
Oracle Outside In Tech <8.3.5,8.3.7 - DoS
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent users to affect availability via unknown vectors related to Outside In Filters.
by Francis Provencher
EIP-2026-110884 EXPLOITDB text
PHP-Nuke module (SPChat) - SQL Injection
by Yakir Wizman
EIP-2026-109258 EXPLOITDB text VERIFIED
Maian Survey - '/index.php' URI redirection / Local File Inclusion
by PuN!Sh3r
EIP-2026-107709 EXPLOITDB text
iBoutique 4.0 - 'key' SQL Injection
by SecPod Research
CVE-2012-5851 EXPLOITDB text VERIFIED
Apple Webkit < 22.0.1229.96 - XSS
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108.
by Tushar Dalvi
EIP-2026-108365 EXPLOITDB text VERIFIED
Joomla! Component com_hello - 'Controller' Local File Inclusion
by AJAX Security Team
CVE-2012-1915 EXPLOITDB MEDIUM text VERIFIED
Codeigniter < 2.1.2 - XSS
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.
by Krzysztof Kotowicz
CVSS 6.1
CVE-2012-4739 EXPLOITDB text VERIFIED
Barracuda SSL VPN <2.2.2.203 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
CVE-2012-4739 EXPLOITDB text VERIFIED
Barracuda SSL VPN <2.2.2.203 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
EIP-2026-107198 EXPLOITDB text
Forum Oxalis 0.1.2 - SQL Injection
by Jean Pascal Pereira
EIP-2026-105327 EXPLOITDB text VERIFIED
AVA VoIP - Multiple Vulnerabilities
by Ibrahim El-Sayed