Exploitdb Exploits

31,344 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107384 EXPLOITDB text VERIFIED
Geomi CMS 1.2/3.0 - SQL Injection
by ThunDEr HeaD
EIP-2026-111835 EXPLOITDB text VERIFIED
RunCMS 2.2.2 - 'register.php' SQL Injection
by High-Tech Bridge SA
CVE-2010-3272 EXPLOITDB text VERIFIED
ZOHO ManageEngine ADSelfService Plus <4.5 Build 4500 - RCE
accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 makes it easier for remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, via a modified (1) Hide_Captcha or (2) quesList parameter in a validateAll action.
by Core Security
CVE-2010-3274 EXPLOITDB text VERIFIED
ZOHO ManageEngine ADSelfService Plus <4.5.4500 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a (1) showList or (2) Search action.
by Core Security
EIP-2026-106529 EXPLOITDB text VERIFIED
Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities
by AutoSec Tools
EIP-2026-101349 EXPLOITDB text
Linksys WAP610N - Root Access Security
by Matteo Ignaccolo
EIP-2026-113720 EXPLOITDB text
WordPress Plugin Enable Media Replace - Multiple Vulnerabilities
by Ulf Harnhammar
EIP-2026-113202 EXPLOITDB text VERIFIED
Web 2.0 Social Network Freunde Community - SQL Injection
by NoNameMT
EIP-2026-112354 EXPLOITDB text
SourceBans 1.4.7 - Cross-Site Scripting
by Sw1tCh
EIP-2026-112249 EXPLOITDB text VERIFIED
Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection
by jonieske
EIP-2026-111255 EXPLOITDB text VERIFIED
PHPXref 0.7 - 'nav.html' Cross-Site Scripting
by MustLive
CVE-2011-1048 EXPLOITDB text VERIFIED
Mihantools - SQL Injection
SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by WHITE_DEVIL
EIP-2026-105307 EXPLOITDB text VERIFIED
Auto Database System 1.0 Infusion Addon - SQL Injection
by Saif
EIP-2026-113243 EXPLOITDB text VERIFIED
WebAsyst Shop-Script - Cross-Site Scripting / HTML Injection
by High-Tech Bridge SA
EIP-2026-113061 EXPLOITDB text VERIFIED
ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-112896 EXPLOITDB text VERIFIED
UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-109538 EXPLOITDB text
Model Agentur Script - SQL Injection
by NoNameMT
EIP-2026-105864 EXPLOITDB text VERIFIED
CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities
by AutoSec Tools
EIP-2026-112541 EXPLOITDB text
T-Content Managment System - Multiple Vulnerabilities
by Daniel Godoy
EIP-2026-112513 EXPLOITDB text
SWFupload 2.5.0 Beta 3 - Arbitrary File Upload
by Daniel Godoy
EIP-2026-109772 EXPLOITDB text
MyMarket 1.71 - 'index.php' SQL Injection
by ahmadso
EIP-2026-108031 EXPLOITDB text VERIFIED
jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection
by Saif El-Sherei
EIP-2026-106909 EXPLOITDB text VERIFIED
Escortservice 1.0 - 'custid' SQL Injection
by NoNameMT
CVE-2011-1137 EXPLOITDB text
Proftpd < 1.3.3 - Numeric Error
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
by kingcope
EIP-2026-101370 EXPLOITDB text VERIFIED
Multiple Check Point Endpoint Security Products - Information Disclosure
by Rapid7
By Source
All 31,344 Writeup 60,350 Exploitdb 50,009 Nomisec 21,883 Metasploit 3,225 Github 2,716 Vulncheck_xdb 906 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,344 python 6,034 ruby 5,914 c 3,575 perl 2,849 html 2,053 php 1,326 bash 460 java 364 c++ 251 javascript 220 shell 95 go 61 postscript 25 xml 24