Exploitdb Exploits

31,344 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107688 EXPLOITDB text VERIFIED
Hyena Cart - 'index.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-106593 EXPLOITDB text VERIFIED
Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting
by MustLive
EIP-2026-106193 EXPLOITDB text
course registration management system 2.1 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-105496 EXPLOITDB text VERIFIED
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
by lemlajt
EIP-2026-102729 EXPLOITDB text VERIFIED
RedHat Linux - Stickiness of /tmp
by Tavis Ormandy
EIP-2026-113783 EXPLOITDB text VERIFIED
WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-112960 EXPLOITDB text VERIFIED
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
by Aung Khant
CVE-2011-1106 EXPLOITDB text VERIFIED
IBM Lotus Sametime - XSS
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
by andrew
EIP-2026-107329 EXPLOITDB text
Galilery 1.0 - Local File Inclusion
by lemlajt
EIP-2026-106556 EXPLOITDB text
dotProject 2.1.5 - Multiple Vulnerabilities
by lemlajt
EIP-2026-103423 EXPLOITDB text VERIFIED
Battlefield 2/2142 - Packet Null Pointer Dereference Remote Denial of Service
by Luigi Auriemma
EIP-2026-102208 EXPLOITDB text VERIFIED
iOS SideBooks 1.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-102202 EXPLOITDB text VERIFIED
iOS FtpDisc 1.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-100248 EXPLOITDB text VERIFIED
DIY Web CMS - Multiple Vulnerabilities
by p0pc0rn
EIP-2026-113461 EXPLOITDB text VERIFIED
Woltlab Burning Board 2.3.6 Addon - 'hilfsmittel.php' SQL Injection
by Crazyball
EIP-2026-105411 EXPLOITDB text VERIFIED
Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
by AutoSec Tools
EIP-2026-103938 EXPLOITDB text VERIFIED
IBM Lotus Sametime - stconf.nsf Cross-Site Scripting
by Dave Daly
CVE-2011-1038 EXPLOITDB text VERIFIED
IBM Lotus Sametime - XSS
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.
by Dave Daly
EIP-2026-107751 EXPLOITDB text
Icy Phoenix 1.3.0.53a - HTTP Referer Persistent Cross-Site Scripting
by Saif El-Sherei
EIP-2026-107825 EXPLOITDB text VERIFIED
Independent Escort CMS - Blind SQL Injection
by NoNameMT
EIP-2026-106938 EXPLOITDB text
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
by Saif El-Sherei
EIP-2026-106906 EXPLOITDB text VERIFIED
Escort Directory CMS - SQL Injection
by NoNameMT
CVE-2011-1060 EXPLOITDB text VERIFIED
Webmastersite Wsn Guest - SQL Injection
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
by Aliaksandr Hartsuyeu
CVE-2013-1916 EXPLOITDB HIGH text VERIFIED
User Photo - Unrestricted File Upload
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved.
by ADVtools
CVSS 8.8
EIP-2026-107354 EXPLOITDB text
GAzie 5.10 - 'Login' Multiple Vulnerabilities
by LiquidWorm
By Source
All 31,344 Writeup 60,350 Exploitdb 50,009 Nomisec 21,883 Metasploit 3,225 Github 2,716 Vulncheck_xdb 906 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,344 python 6,034 ruby 5,914 c 3,575 perl 2,849 html 2,053 php 1,326 bash 460 java 364 c++ 251 javascript 220 shell 95 go 61 postscript 25 xml 24