Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-4273 EXPLOITDB text VERIFIED
GoAhead Webserver 2.18 - Cross-Site Scripting via Group Parameter or URL Parameter
Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp.
by Silent Dream
CVE-2011-4273 EXPLOITDB text VERIFIED
GoAhead Webserver 2.18 - Cross-Site Scripting via Group Parameter or URL Parameter
Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp.
by Silent Dream
CVE-2011-4871 EXPLOITDB text VERIFIED
OPC Systems.NET < 4.0 - Denial of Service via Malformed .NET RPC Packet
Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723.
by Luigi Auriemma
CVE-2011-4883 EXPLOITDB text VERIFIED
atvise webMI2ADS < 2.0.2 - Denial of Service via HTTP Request Validation Bypass
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request.
by Luigi Auriemma
EIP-2026-111802 EXPLOITDB text
Roundcube Webmail 0.3.1 - Cross-Site Request Forgery / SQL Injection
by Smith Falcon
EIP-2026-111420 EXPLOITDB text
POSH - Multiple Vulnerabilities
by Crashfr
EIP-2026-110302 EXPLOITDB text
openEngine 2.0 - Multiple Blind SQL Injection Vulnerabilities
by Stefan Schurtz
CVE-2011-4569 EXPLOITDB text VERIFIED
Userbar plugin 2.2 for MyBB Forum - SQL Injection via image2 Parameter
SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter.
by Mario_Vs
CVE-2011-5278 EXPLOITDB text VERIFIED
Advanced Forum Signatures 2.0.4 - SQL Injection via afs_bar_right Parameter
SQL injection vulnerability in signature.php in Advanced Forum Signatures plugin (aka afsignatures) 2.0.4 for MyBB allows remote attackers to execute arbitrary SQL commands via the afs_bar_right parameter.
by Mario_Vs
EIP-2026-108959 EXPLOITDB text
KaiBB 2.0.1 - SQL Injection
by Stefan Schurtz
EIP-2026-108049 EXPLOITDB text VERIFIED
Jaws 0.8.14 - Multiple Remote File Inclusions
by indoushka
EIP-2026-107097 EXPLOITDB text
Filmis 0.2 Beta - Multiple Vulnerabilities
by M.Jock3R
EIP-2026-106178 EXPLOITDB text
cotonti CMS 0.9.4 - Multiple Vulnerabilities
by LiquidWorm
EIP-2026-104866 EXPLOITDB text VERIFIED
6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure
by labs insight
EIP-2026-104865 EXPLOITDB text
6kbbs - Multiple Vulnerabilities
by labs insight
EIP-2026-108342 EXPLOITDB text VERIFIED
Joomla! Component com_expedition - 'id' SQL Injection
by BHG Security Center
EIP-2026-107463 EXPLOITDB text
GotoCode Online Classifieds - Multiple Vulnerabilities
by Nathaniel Carew
CVE-2011-4026 EXPLOITDB text
NexusPHP 1.5 - SQL Injection via Thanks.php ID Parameter
SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by flyh4t
CVE-2011-4570 EXPLOITDB text VERIFIED
Time Returns (com_timereturns) 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a timereturns action to index.php.
by kaMtiEz
EIP-2026-105592 EXPLOITDB text
BOOKSolved 1.2.2 - Remote File Disclosure
by bd0rk
EIP-2026-112920 EXPLOITDB text
URL Shortener Script 1.0 - SQL Injection
by M.Jock3R
EIP-2026-106791 EXPLOITDB text
EFront 3.6.9 Community Edition - Multiple Vulnerabilities
by IHTeam
EIP-2026-105665 EXPLOITDB text VERIFIED
BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure
by cr4wl3r
EIP-2026-112802 EXPLOITDB text VERIFIED
Tsmim Lessons Library - 'show.php' SQL Injection
by M.Jock3R
CVE-2011-4564 EXPLOITDB text VERIFIED
Active CMS 1.2 - Cross-Site Scripting via Admin Script Mod Parameter
Cross-site scripting (XSS) vulnerability in the admin script in Active CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter in a module action.
by Stefan Schurtz
By Source
All 31,386 Writeup 62,466 Exploitdb 50,076 Nomisec 22,446 Github 3,667 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,592 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25