Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-1018 EXPLOITDB text VERIFIED
Logwatch 7.3.6 - Remote Code Execution via Shell Metacharacters in Log File Name
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
by Dominik George
EIP-2026-102207 EXPLOITDB text VERIFIED
iOS Share 1.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-102206 EXPLOITDB text VERIFIED
iOS myDBLite 1.1.10 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-102203 EXPLOITDB text VERIFIED
iOS iDocManager 1.0.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-101335 EXPLOITDB text VERIFIED
iSO Filer Lite 2.1.0 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-101334 EXPLOITDB text
iSO Air Files 2.6 - Directory Traversal
by R3d@l3rt_ Sp@2K_ Sunlight
EIP-2026-101328 EXPLOITDB text
iphone pdf reader pro 2.3 - Directory Traversal
by Khashayar Fereidani
EIP-2026-101326 EXPLOITDB text
iphone ishred 1.93 - Directory Traversal
by Khashayar Fereidani
EIP-2026-101324 EXPLOITDB text
iPhone Guitar - Directory Traversal
by Khashayar Fereidani
EIP-2026-100696 EXPLOITDB text VERIFIED
Alcassoft's SOPHIA CMS - SQL Injection
by p0pc0rn
EIP-2026-114290 EXPLOITDB text
WordPress Plugin Z-Vote 1.1 - SQL Injection
by High-Tech Bridge SA
EIP-2026-114289 EXPLOITDB text VERIFIED
WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting
by AutoSec Tools
EIP-2026-113820 EXPLOITDB text VERIFIED
WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting
by AutoSec Tools
EIP-2026-113638 EXPLOITDB text VERIFIED
WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-113636 EXPLOITDB text VERIFIED
WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting
by AutoSec Tools
EIP-2026-113094 EXPLOITDB text VERIFIED
VidiScript - SQL Injection
by ThEtA.Nu
EIP-2026-112762 EXPLOITDB text VERIFIED
tplSoccerStats - 'player.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-107688 EXPLOITDB text VERIFIED
Hyena Cart - 'index.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-106593 EXPLOITDB text VERIFIED
Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting
by MustLive
EIP-2026-106193 EXPLOITDB text
course registration management system 2.1 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-105496 EXPLOITDB text VERIFIED
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
by lemlajt
EIP-2026-102729 EXPLOITDB text VERIFIED
RedHat Linux - Stickiness of /tmp
by Tavis Ormandy
EIP-2026-113783 EXPLOITDB text VERIFIED
WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-112960 EXPLOITDB text VERIFIED
Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting
by Aung Khant
CVE-2011-1106 EXPLOITDB text VERIFIED
IBM Lotus Sametime - Stored Cross-Site Scripting via stcenter.nsf authReasonCode Parameter
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action.
by andrew
By Source
All 31,386 Writeup 62,509 Exploitdb 50,076 Nomisec 22,473 Github 3,698 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,607 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 135 go 73 postscript 25 typescript 25