Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105531 EXPLOITDB text
BlogPHP 2.0 - Persistent Cross-Site Scripting
by Paulzz
CVE-2011-2132 EXPLOITDB text VERIFIED
Adobe Flash Media Server - Memory Corruption
Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, allows attackers to cause a denial of service (memory corruption) via unspecified vectors.
by Knud Erik Hojgaard
EIP-2026-114484 EXPLOITDB text VERIFIED
XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting
by v0nSch3lling
EIP-2026-111961 EXPLOITDB text VERIFIED
Search Network 2.0 - 'query' Cross-Site Scripting
by darkTR
EIP-2026-105561 EXPLOITDB text VERIFIED
BlueSoft Rate My Photo Site - 'ty' SQL Injection
by darkTR
EIP-2026-105560 EXPLOITDB text VERIFIED
BlueSoft Banner Exchange - 'referer_id' SQL Injection
by darkTR
EIP-2026-112116 EXPLOITDB text
Simple Machines Forum (SMF) 2.0 - Session Hijacking
by seth
EIP-2026-114152 EXPLOITDB text VERIFIED
WordPress Plugin UPM Polls 1.0.3 - SQL Injection
by Miroslav Stampar
EIP-2026-113886 EXPLOITDB text VERIFIED
WordPress Plugin Media Library Categories 1.0.6 - SQL Injection
by Miroslav Stampar
EIP-2026-105754 EXPLOITDB text VERIFIED
Cart Software - Multiple Vulnerabilities
by hosinn
EIP-2026-105290 EXPLOITDB text
ATutor 2.0.2 - Multiple Vulnerabilities
by LiquidWorm
EIP-2026-104918 EXPLOITDB text
acontent 1.1 - Multiple Vulnerabilities
by LiquidWorm
EIP-2026-104907 EXPLOITDB text
AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities
by LiquidWorm
EIP-2026-116408 EXPLOITDB text
threedify designer 5.0.2 - Multiple Vulnerabilities
by High-Tech Bridge SA
CVE-2011-5286 EXPLOITDB text VERIFIED
Social Slider < 7.4.0 - SQL Injection via rA Array Parameter
SQL injection vulnerability in social-slider-2/ajax.php in the Social Slider plugin before 7.4.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the rA array parameter.
by Miroslav Stampar
EIP-2026-113988 EXPLOITDB text VERIFIED
WordPress Plugin ProPlayer 4.7.7 - SQL Injection
by Miroslav Stampar
EIP-2026-112325 EXPLOITDB text VERIFIED
Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities
by Net.Edit0r
EIP-2026-114212 EXPLOITDB text VERIFIED
WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-104227 EXPLOITDB text VERIFIED
DZYGroup CMS Portal - Multiple SQL Injections
by Netrondoank
EIP-2026-104137 EXPLOITDB text VERIFIED
Xpdf 3.02-13 - 'zxpdf' Security Bypass
by Chung-chieh Shan
EIP-2026-100226 EXPLOITDB text VERIFIED
Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting
by PontoSec
CVE-2011-4106 EXPLOITDB text VERIFIED
TimThumb < 2.0 - Remote Code Execution via Domain Whitelist Bypass
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011.
by MaXe
EIP-2026-109617 EXPLOITDB text VERIFIED
mt LinkDatenbank - 'b' Cross-Site Scripting
by Err0R
EIP-2026-108600 EXPLOITDB text VERIFIED
Joomla! Component com_xeslidegalfx - 'id' SQL Injection
by Ne0 H4ck3R
EIP-2026-108389 EXPLOITDB text VERIFIED
Joomla! Component com_jdirectory - SQL Injection
by Caddy Dz
By Source
All 31,386 Writeup 62,491 Exploitdb 50,076 Nomisec 22,459 Github 3,677 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,598 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25