Exploitdb Exploits

31,341 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118116 EXPLOITDB text
Windows MultiPoint Server 2011 SP1 - RpcEptMapper and Dnschade Local Privilege Escalation
by Marcio Mendes
EIP-2026-114242 EXPLOITDB text
WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)
by Murat DEMİRCİ
EIP-2026-113525 EXPLOITDB text
WordPress Plugin AccessPress Social Icons 1.8.2 - 'icon title' Stored Cross-Site Scripting (XSS)
by Murat DEMİRCİ
CVE-2023-43959 EXPLOITDB HIGH text
YeaLinkSIP-T19P-E2 <v.53.84.0.15 - RCE
An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component.
by tahaafarooq
CVSS 8.8
EIP-2026-106855 EXPLOITDB text
Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting (XSS)
by Ragavender A G
EIP-2026-106854 EXPLOITDB text
Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting (XSS)
by İlhami Selamet
CVE-2021-47766 EXPLOITDB HIGH text
Kmaleon 1.1.0.205 - SQL Injection
Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb' parameter of kmaleonW.php that allows attackers to manipulate database queries. Attackers can exploit this vulnerability using boolean-based, error-based, and time-based blind SQL injection techniques to potentially extract or manipulate database information.
by Amel BOUZIANE-LEBLOND
CVSS 7.1
EIP-2026-113582 EXPLOITDB text
WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion
by Murat DEMİRCİ
EIP-2026-112075 EXPLOITDB text
Simple Client Management System 1.0 - SQLi (Authentication Bypass)
by Sentinal920
EIP-2026-112072 EXPLOITDB text
Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)
by Sentinal920
EIP-2026-109553 EXPLOITDB text
Money Transfer Management System 1.0 - Authentication Bypass
by Aryan Chehreghani
CVE-2021-42325 EXPLOITDB CRITICAL text
Froxlor < 0.10.30 - SQL Injection
Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.
by Martin Cernac
CVSS 9.8
CVE-2021-47768 EXPLOITDB MEDIUM text
Cleidigh Importexporttools NG - XSS
ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads. Attackers can send emails with crafted HTML in the subject that execute during HTML export, potentially compromising user data or session credentials.
by Vulnerability-Lab
CVSS 6.1
CVE-2021-47767 EXPLOITDB HIGH text
10-strike Network Inventory Explorer - Privilege Escalation
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions.
by Brian Rodriguez
CVSS 7.8
EIP-2026-110502 EXPLOITDB text
Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting (XSS)
by Vulnerability-Lab
CVE-2021-47771 EXPLOITDB MEDIUM text
Cinspiration RDP Manager - Resource Allocation Without Limits
RDP Manager 4.9.9.3 contains a denial of service vulnerability in connection input fields that allows local attackers to crash the application. Attackers can add oversized entries in Verbindungsname and Server fields to permanently freeze and crash the software, potentially requiring full reinstallation.
by Vulnerability-Lab
CVSS 5.5
CVE-2021-47769 EXPLOITDB MEDIUM text
Bdtask Isshue - XSS
Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent phishing attacks.
by Vulnerability-Lab
CVSS 4.8
EIP-2026-113972 EXPLOITDB text
WordPress Plugin Popup Anything 2.0.3 - 'Multiple' Stored Cross-Site Scripting (XSS)
by Luca Schembri
EIP-2026-113810 EXPLOITDB text
WordPress Plugin Hotel Listing 3 - 'Multiple' Cross-Site Scripting (XSS)
by Vulnerability-Lab
EIP-2026-112956 EXPLOITDB text
Vanguard 2.1 - 'Search' Cross-Site Scripting (XSS)
by Vulnerability-Lab
EIP-2026-112885 EXPLOITDB text
Ultimate POS 4.4 - 'name' Cross-Site Scripting (XSS)
by Vulnerability-Lab
EIP-2026-112154 EXPLOITDB text
Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting (XSS)
by Vulnerability-Lab
EIP-2026-112153 EXPLOITDB text
Simplephpscripts Simple CMS 2.1 - 'Multiple' SQL Injection
by Vulnerability-Lab
EIP-2026-111093 EXPLOITDB text
PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)
by Vulnerability-Lab
EIP-2026-110729 EXPLOITDB text
PHP Melody 3.0 - Persistent Cross-Site Scripting (XSS)
by Vulnerability-Lab
By Source
All 31,341 Exploitdb 50,121 Writeup 46,733 Nomisec 21,197 Metasploit 3,189 Github 2,248 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,738 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 247 shell 68 go 41 postscript 25 xml 24