Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-10028 EXPLOITDB HIGH text VERIFIED
RealArcade 2.6.0.445 ActiveX - Exec Method Command Execution
The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse.
by rgod
EIP-2026-119083 EXPLOITDB text VERIFIED
RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Executions
by rgod
EIP-2026-119081 EXPLOITDB text VERIFIED
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities
by rgod
EIP-2026-113967 EXPLOITDB text VERIFIED
WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting
by John Leitch
EIP-2026-111679 EXPLOITDB text
Rash CMS - SQL Injection
by keracker
EIP-2026-110263 EXPLOITDB text
OpenCart 1.4.9 - Multiple Local File Inclusions
by KedAns-Dz
EIP-2026-106490 EXPLOITDB text VERIFIED
DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
by LiquidWorm
EIP-2026-105389 EXPLOITDB text VERIFIED
Banner Ad Management Script - SQL Injection
by Egyptian.H4x0rz
EIP-2026-104984 EXPLOITDB text
Advanced Image Hosting 2.2 - 'index.php' SQL Injection
by keracker
EIP-2026-112386 EXPLOITDB text
spidaNews 1.0 - 'news.php?id' SQL Injection
by Easy Laster
EIP-2026-107781 EXPLOITDB text
ilchClan 1.0.5 - 'regist.php' SQL Injection
by Easy Laster
CVE-2011-1667 EXPLOITDB text VERIFIED
Anzeigenmarkt 2011 - SQL Injection via q Parameter in list Action
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action.
by Easy Laster
CVE-2011-1670 EXPLOITDB text VERIFIED
InTerra Blog Machine 1.84 - Cross-Site Scripting via Subject Parameter
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
by High-Tech Bridge SA
EIP-2026-107072 EXPLOITDB text VERIFIED
Feng Office 1.7.3.3 - Cross-Site Request Forgery
by High-Tech Bridge SA
CVE-2011-1668 EXPLOITDB text VERIFIED
AR Web Content Manager 2.1, 2.2 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the search parameter.
by Antu Sanadi
CVE-2011-1665 EXPLOITDB text
PHPBoost 3.0 - Unauthenticated Sensitive Information Exposure via Predictable Backup Filenames
PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain backup SQL files via a direct request for predictable filenames in cache/backup/.
by KedAns-Dz
CVE-2011-1670 EXPLOITDB text VERIFIED
InTerra Blog Machine 1.84 - Cross-Site Scripting via Subject Parameter
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
by High-Tech Bridge SA
EIP-2026-106059 EXPLOITDB text VERIFIED
Collabtive 0.6.5 - Multiple Remote Input Validation Vulnerabilities
by High-Tech Bridge SA
EIP-2026-114501 EXPLOITDB text VERIFIED
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
by Pr@fesOr X
EIP-2026-114500 EXPLOITDB text
YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities
by Pr@fesOr X
EIP-2026-111335 EXPLOITDB text
Pligg CMS 1.1.3 - Multiple Vulnerabilities
by Jelmer de Hen
EIP-2026-107953 EXPLOITDB text VERIFIED
IrIran Shoping Script - SQL Injection
by Net.Edit0r
CVE-2011-1557 EXPLOITDB text VERIFIED
ICloudCenter ICJobSite <1.1 - SQL Injection
SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter to an unspecified component, a different vulnerability than CVE-2011-1546. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by RoAd_KiLlEr
EIP-2026-107530 EXPLOITDB text VERIFIED
GuppY 4.6.14 - 'lng' Multiple SQL Injections
by kurdish hackers team
EIP-2026-105466 EXPLOITDB text
BigACE 2.7.5 - Arbitrary File Upload
by Net.Edit0r
By Source
All 31,386 Writeup 62,508 Exploitdb 50,076 Nomisec 22,472 Github 3,695 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,606 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 135 go 73 postscript 25 typescript 25