Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-115808 EXPLOITDB text
Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)
by Nicolas Krassas
EIP-2026-115751 EXPLOITDB text VERIFIED
Microsoft Office XP - Remote code Execution
by Francis Provencher
CVE-2011-1872 EXPLOITDB text VERIFIED
Microsoft Windows Server <2008 Gold-SP1 - DoS
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability."
by Core Security
EIP-2026-112980 EXPLOITDB text VERIFIED
vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities
by Mr.ThieF
EIP-2026-106269 EXPLOITDB text
cubecart 2.0.7 - Multiple Vulnerabilities
by Shamus
CVE-2011-2202 EXPLOITDB text VERIFIED
PHP < 5.3.7 - Path Traversal and Arbitrary File Write via Multipart Form-Data Filename
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
by Krzysztof Kotowicz
EIP-2026-113280 EXPLOITDB text VERIFIED
WebFileExplorer 3.6 - 'user' / 'pass' SQL Injection
by pentesters.ir
EIP-2026-108851 EXPLOITDB text VERIFIED
Joomla! Component Scriptegrator 1.5 - Local File Inclusion
by jdc
EIP-2026-108788 EXPLOITDB text VERIFIED
Joomla! Component Minitek FAQ Book 1.3 - 'id' SQL Injection
by kaMtiEz
EIP-2026-104378 EXPLOITDB text VERIFIED
Oracle HTTP Server - Cross-Site Scripting Header Injection
by Yasser ABOUKIR
EIP-2026-100432 EXPLOITDB text VERIFIED
Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection
by Mark Lachniet
CVE-2011-5211 EXPLOITDB text VERIFIED
Subrion CMS 2.0.4 - Cross-Site Scripting via Poll Title Field
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452.
by Karthik R
EIP-2026-119446 EXPLOITDB text VERIFIED
Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal
by White Hat Consultores
CVE-2011-5212 EXPLOITDB text VERIFIED
Subrion CMS 2.0.4 - SQL Injection via Admin Login Fields
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
by Karthik R
EIP-2026-119444 EXPLOITDB text VERIFIED
Tele Data Contact Management Server - Directory Traversal
by AutoSec Tools
EIP-2026-119142 EXPLOITDB text VERIFIED
Simple Web Server 1.2 - Directory Traversal
by AutoSec Tools
EIP-2026-112737 EXPLOITDB text VERIFIED
Tolinet Agencia - 'id' SQL Injection
by Andrea Bocchetti
EIP-2026-110439 EXPLOITDB text
Pacer Edition CMS 2.1 - 'l' Local File Inclusion
by LiquidWorm
EIP-2026-105183 EXPLOITDB text
Angora Guestbook 1.5 - Local File Inclusion
by AutoSec Tools
EIP-2026-101925 EXPLOITDB text
Polycom IP Phone - Web Interface Data Disclosure
by Yakir Wizman
EIP-2026-101511 EXPLOITDB text VERIFIED
Aastra IP Phone 9480i - Web Interface Data Disclosure
by Yakir Wizman
EIP-2026-100309 EXPLOITDB text VERIFIED
EquiPCS - SQL Injection
by Sideswipe
CVE-2011-2194 EXPLOITDB text VERIFIED
VLC media player <1.1.9 - DoS/Buffer Overflow
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
by TecR0c
EIP-2026-113780 EXPLOITDB text VERIFIED
WordPress Plugin GD Star Rating - 'votes' SQL Injection
by anonymous
EIP-2026-114409 EXPLOITDB text VERIFIED
Xataface 1.x - 'action' Local File Inclusion
by ITSecTeam
By Source
All 31,386 Writeup 62,507 Exploitdb 50,076 Nomisec 22,463 Github 3,685 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,604 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25