Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-2698 EXPLOITDB text VERIFIED
MediaWiki <1.17.5, <1.18.4, <1.19.1 - XSS
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
by anonymous
EIP-2026-107309 EXPLOITDB text VERIFIED
Funeral Script PHP - Cross-Site Scripting / SQL Injection
by snup
CVE-2012-6666 EXPLOITDB MEDIUM text VERIFIED
vBSeo < 3.8.7 - Cross-Site Scripting via member.php u Parameter
vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter.
by MegaMan
CVSS 6.1
EIP-2026-116622 EXPLOITDB text VERIFIED
XnView - '.RAS' Image Processing Heap Overflow
by Francis Provencher
EIP-2026-116621 EXPLOITDB text VERIFIED
XnView - '.FlashPix' Image Processing Heap Overflow
by Francis Provencher
EIP-2026-116620 EXPLOITDB text VERIFIED
XnView - '.ECW' Image Processing Heap Overflow
by Francis Provencher
EIP-2026-113576 EXPLOITDB text VERIFIED
WordPress Plugin Automatic 2.0.3 - SQL Injection
by nick58
EIP-2026-113333 EXPLOITDB text VERIFIED
webo site speedup 1.6.1 - Multiple Vulnerabilities
by dun
EIP-2026-113303 EXPLOITDB text VERIFIED
Webify (Multiple Products) - Multiple HTML Injection / Local File Inclusions
by snup
EIP-2026-112087 EXPLOITDB text VERIFIED
Simple Document Management System 1.1.5 - Multiple SQL Injections
by JosS
EIP-2026-110683 EXPLOITDB text VERIFIED
PHP Decoda 3.3.1 - Local File Inclusion
by Number 7
EIP-2026-109987 EXPLOITDB text VERIFIED
Nuked Klan SP CMS 4.5 - SQL Injection
by Vulnerability-Lab
EIP-2026-109909 EXPLOITDB text VERIFIED
News Script PHP 1.2 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-107958 EXPLOITDB text VERIFIED
iScripts EasyCreate 2.0 - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-101786 EXPLOITDB text
Huawei HG866 - Authentication Bypass
by hkm
EIP-2026-113944 EXPLOITDB text VERIFIED
WordPress Plugin ORGanizer - Multiple Vulnerabilities
by MustLive
EIP-2026-108690 EXPLOITDB text VERIFIED
Joomla! Component JCal Pro Calendar - SQL Injection
by Taurus Omar
EIP-2026-104951 EXPLOITDB text VERIFIED
ADICO - 'index.php' Script SQL Injection
by Ibrahim El-Sayed
CVE-2012-1661 EXPLOITDB text
ESRI ArcMap < 10.0.2.3200 - Arbitrary VBA Code Execution via Crafted Map File
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
by Boston Cyber Defense
EIP-2026-112516 EXPLOITDB text VERIFIED
Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities
by Vulnerability-Lab
EIP-2026-112407 EXPLOITDB text
Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities
by Vulnerability-Lab
EIP-2026-112094 EXPLOITDB text VERIFIED
Simple Forum PHP - Multiple SQL Injections
by Vulnerability Research Laboratory
EIP-2026-109865 EXPLOITDB text VERIFIED
NetArt Media Jobs Portal - SQL Injection
by Ibrahim El-Sayed
CVE-2012-4258 EXPLOITDB text VERIFIED
MYRE Real Estate Software 2012 Q2 - SQL Injection via link_idd or userid Parameter
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
by Vulnerability-Lab
EIP-2026-105771 EXPLOITDB text VERIFIED
Cells Blog CMS 1.1 - Multiple Web Vulnerabilities
by Vulnerability-Lab