Exploitdb Exploits

31,344 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-0420 EXPLOITDB text VERIFIED
Php - Denial of Service
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
by Maksymilian Arciemowicz
CVE-2011-0420 EXPLOITDB text VERIFIED
Php - Denial of Service
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
by Maksymilian Arciemowicz
EIP-2026-109784 EXPLOITDB text VERIFIED
mySeatXT 0.164 - 'lang' Local File Inclusion
by AutoSec Tools
CVE-2010-4738 EXPLOITDB text VERIFIED
Rae Media INC Real Estate <3.0 - SQL Injection
Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.
by R4dc0re
CVE-2010-4738 EXPLOITDB text VERIFIED
Rae Media INC Real Estate <3.0 - SQL Injection
Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.
by R4dc0re
EIP-2026-113431 EXPLOITDB text VERIFIED
Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure
by High-Tech Bridge SA
EIP-2026-111989 EXPLOITDB text
Seo Panel 2.2.0 - SQL Injection
by High-Tech Bridge SA
EIP-2026-111145 EXPLOITDB text VERIFIED
phpMyBitTorrent 2.0.4 - SQL Injection
by #forkbombers
EIP-2026-110620 EXPLOITDB text VERIFIED
Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-110026 EXPLOITDB text
omegabill 1.0 build 6 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-109438 EXPLOITDB text VERIFIED
MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
EIP-2026-107456 EXPLOITDB text VERIFIED
Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-107392 EXPLOITDB text VERIFIED
Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload
by s3rg3770 & Chuzz
EIP-2026-111836 EXPLOITDB text
RunCMS 2.2.2 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-108933 EXPLOITDB text VERIFIED
jSchool Advanced - SQL Injection
by eXa.DisC
EIP-2026-105333 EXPLOITDB text
AWCM 2.2 Final - Persistent Cross-Site Scripting
by _84kur10_
CVE-2011-1062 EXPLOITDB text
Taskfreak! - XSS
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to print_list.php; and the (7) HTTP referer header to rss.php. NOTE: some of these details are obtained from third party information.
by LiquidWorm
CVE-2011-1062 EXPLOITDB text VERIFIED
Taskfreak! - XSS
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to print_list.php; and the (7) HTTP referer header to rss.php. NOTE: some of these details are obtained from third party information.
by LiquidWorm
CVE-2011-1062 EXPLOITDB text VERIFIED
Taskfreak! - XSS
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to print_list.php; and the (7) HTTP referer header to rss.php. NOTE: some of these details are obtained from third party information.
by LiquidWorm
CVE-2011-1062 EXPLOITDB text VERIFIED
Taskfreak! - XSS
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to print_list.php; and the (7) HTTP referer header to rss.php. NOTE: some of these details are obtained from third party information.
by LiquidWorm
CVE-2011-1100 EXPLOITDB text
Pixelpost - SQL Injection
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.
by LiquidWorm
EIP-2026-106905 EXPLOITDB text VERIFIED
Escort Agency CMS - Blind SQL Injection
by NoNameMT
EIP-2026-106505 EXPLOITDB text VERIFIED
Dokeos 1.8.6 2 - 'style' Cross-Site Scripting
by AutoSec Tools
EIP-2026-109053 EXPLOITDB text VERIFIED
Kunena < 1.5.13 / < 1.6.3 - SQL Injection
by Red Matter
CVE-2009-0932 EXPLOITDB text VERIFIED
Debian Horde - Path Traversal
Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
by skysbsb
By Source
All 31,344 Writeup 60,350 Exploitdb 50,009 Nomisec 21,883 Metasploit 3,225 Github 2,716 Vulncheck_xdb 906 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,344 python 6,034 ruby 5,914 c 3,575 perl 2,849 html 2,053 php 1,326 bash 460 java 364 c++ 251 javascript 220 shell 95 go 61 postscript 25 xml 24