Text Exploits

31,433 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-109801 EXPLOITDB text
MySQL Squid Access Report 2.1.4 - HTML Injection
by Daniel Godoy
EIP-2026-103261 EXPLOITDB text VERIFIED
Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure
by Ciph3r
CVE-2012-2570 EXPLOITDB text VERIFIED
X-Cart Gold 4.5 - Cross-Site Scripting via products_map.php symb Parameter
Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 allows remote attackers to inject arbitrary web script or HTML via the symb parameter.
by muts
CVE-2012-2570 EXPLOITDB text VERIFIED
X-Cart Gold 4.5 - Cross-Site Scripting via products_map.php symb Parameter
Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 allows remote attackers to inject arbitrary web script or HTML via the symb parameter.
by Am!r
EIP-2026-116060 EXPLOITDB text
PHP 6.0 - 'openssl_verify()' Local Buffer Overflow (PoC)
by Yakir Wizman
EIP-2026-116028 EXPLOITDB text
Oxide WebServer 2.0.4 - Denial of Service
by SecPod Research
CVE-2012-1769 EXPLOITDB text VERIFIED
Oracle Fusion Middleware 8.3.5 and 8.3.7 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
by Francis Provencher
CVE-2012-1770 EXPLOITDB text VERIFIED
Oracle Fusion Middleware 8.3.5 and 8.3.7 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
by Francis Provencher
CVE-2012-1744 EXPLOITDB text VERIFIED
Oracle Outside In Tech <8.3.5,8.3.7 - DoS
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent users to affect availability via unknown vectors related to Outside In Filters.
by Francis Provencher
EIP-2026-110884 EXPLOITDB text
PHP-Nuke module (SPChat) - SQL Injection
by Yakir Wizman
EIP-2026-109258 EXPLOITDB text VERIFIED
Maian Survey - '/index.php' URI redirection / Local File Inclusion
by PuN!Sh3r
EIP-2026-107709 EXPLOITDB text
iBoutique 4.0 - 'key' SQL Injection
by SecPod Research
CVE-2012-5851 EXPLOITDB text VERIFIED
WebKit - Cross-Site Scripting Bypass via Reflected Data
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108.
by Tushar Dalvi
EIP-2026-108365 EXPLOITDB text VERIFIED
Joomla! Component com_hello - 'Controller' Local File Inclusion
by AJAX Security Team
CVE-2012-1915 EXPLOITDB MEDIUM text VERIFIED
CodeIgniter < 2.1.2 - Cross-Site Scripting via xss_clean() Filter Bypass
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.
by Krzysztof Kotowicz
CVSS 6.1
CVE-2012-4739 EXPLOITDB text VERIFIED
Barracuda SSL VPN < 2.2.2.203 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
CVE-2012-4739 EXPLOITDB text VERIFIED
Barracuda SSL VPN < 2.2.2.203 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do.
by Benjamin Kunz Mejri
EIP-2026-107198 EXPLOITDB text
Forum Oxalis 0.1.2 - SQL Injection
by Jean Pascal Pereira
EIP-2026-105327 EXPLOITDB text VERIFIED
AVA VoIP - Multiple Vulnerabilities
by Ibrahim El-Sayed
EIP-2026-113233 EXPLOITDB text VERIFIED
web@all - 'name' Cross-Site Scripting
by Sammy FORGIT
EIP-2026-112952 EXPLOITDB text
VamCart CMS 0.9 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-112105 EXPLOITDB text VERIFIED
Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities
by Benjamin Kunz Mejri
EIP-2026-111670 EXPLOITDB text VERIFIED
Rama Zeiten CMS - 'download.php' Remote File Disclosure
by Sammy FORGIT
EIP-2026-110512 EXPLOITDB text
PBBoard CMS 2.1.4 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-106932 EXPLOITDB text VERIFIED
Event Calender PHP - Multiple Input Validation Vulnerabilities
by snup
By Source
All 31,433 Writeup 62,183 Exploitdb 50,126 Nomisec 22,380 Github 3,588 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,433 python 6,554 ruby 6,001 c 3,625 perl 2,849 html 2,074 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25