Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-2905 EXPLOITDB text VERIFIED
Artiphp CMS 5.5.0 Neo - Info Disclosure
Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
by LiquidWorm
EIP-2026-103523 EXPLOITDB text
Java - Trigerring Java Code from a .SVG Image
by Nicolas Gregoire
CVE-2012-6622 EXPLOITDB text VERIFIED
ForumPress < 1.7.4 - Cross-Site Scripting via groupid or usergroup_id Parameter
Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action.
by Heine Pedersen
EIP-2026-114122 EXPLOITDB text VERIFIED
WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting
by Heine Pedersen
CVE-2012-6624 EXPLOITDB text VERIFIED
SoundCloud Is Gold 2.1 - Cross-Site Scripting via Width Parameter
Cross-site scripting (XSS) vulnerability in the SoundCloud Is Gold plugin 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter in a soundcloud_is_gold_player_preview action to wp-admin/admin-ajax.php.
by Heine Pedersen
EIP-2026-114038 EXPLOITDB text VERIFIED
WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting
by Heine Pedersen
CVE-2012-2917 EXPLOITDB text VERIFIED
WordPress Share and Follow <1.80.3 - XSS
Cross-site scripting (XSS) vulnerability in the Share and Follow plugin 1.80.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the CDN API Key (cnd-key) in a share-and-follow-menu page to wp-admin/admin.php.
by Heine Pedersen
EIP-2026-113985 EXPLOITDB text VERIFIED
WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting
by Heine Pedersen
EIP-2026-113949 EXPLOITDB text VERIFIED
WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
by Heine Pedersen
EIP-2026-113921 EXPLOITDB text VERIFIED
WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities
by Heine Pedersen
EIP-2026-113920 EXPLOITDB text VERIFIED
WordPress Plugin Network Publisher 5.0.1 - 'networkpub_key' Cross-Site Scripting
by Heine Pedersen
EIP-2026-113895 EXPLOITDB text VERIFIED
WordPress Plugin Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
by Heine Pedersen
EIP-2026-113885 EXPLOITDB text VERIFIED
WordPress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
by Heine Pedersen
EIP-2026-113861 EXPLOITDB text VERIFIED
WordPress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
by Heine Pedersen
CVE-2012-2913 EXPLOITDB text VERIFIED
Leaflet Maps Marker Plugin 0.0.1 - Cross-Site Scripting via id Parameter
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.
by Heine Pedersen
CVE-2012-2913 EXPLOITDB text VERIFIED
Leaflet Maps Marker Plugin 0.0.1 - Cross-Site Scripting via id Parameter
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.
by Heine Pedersen
EIP-2026-113819 EXPLOITDB text VERIFIED
WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
by Heine Pedersen
EIP-2026-113802 EXPLOITDB text VERIFIED
WordPress Plugin GRAND Flash Album Gallery 1.71 - 'admin.php' Cross-Site Scripting
by Heine Pedersen
EIP-2026-113782 EXPLOITDB text VERIFIED
WordPress Plugin GD Star Rating 1.9.16 - 'tpl_section' Cross-Site Scripting
by Heine Pedersen
EIP-2026-113698 EXPLOITDB text VERIFIED
WordPress Plugin Dynamic Widgets 1.5.1 - 'themes.php' Cross-Site Scripting
by Heine Pedersen
EIP-2026-113622 EXPLOITDB text VERIFIED
WordPress Plugin CataBlog 1.6 - 'admin.php' Cross-Site Scripting
by Heine Pedersen
EIP-2026-113514 EXPLOITDB text VERIFIED
WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
by Heine Pedersen
CVE-2012-6626 EXPLOITDB text VERIFIED
Brian Cabunac Browser TO Email Phone Message System - SQL Injection
SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote attackers to execute arbitrary SQL commands via the username field.
by Jean Pascal Pereira
CVE-2012-3797 EXPLOITDB text VERIFIED
Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Heap Memory Corruption via Crafted Packet
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.
by Luigi Auriemma
EIP-2026-103470 EXPLOITDB text VERIFIED
FlexNet License Server Manager - Stack Overflow In lmgrd
by Luigi Auriemma
By Source
All 31,386 Writeup 62,194 Exploitdb 50,076 Nomisec 22,389 Github 3,603 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,561 ruby 6,002 c 3,626 perl 2,849 html 2,075 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25