Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-10012 EXPLOITDB HIGH text VERIFIED
httpdasm 0.92 - Unauthenticated Path Traversal via URL-Encoded Backslashes
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specially crafted GET request containing a sequence of URL-encoded backslashes and directory traversal patterns, an attacker can escape the web root and access sensitive files outside of the intended directory.
by John Leitch
EIP-2026-119070 EXPLOITDB text VERIFIED
QuickPHP Web Server 1.9.1 - Directory Traversal
by John Leitch
EIP-2026-113501 EXPLOITDB text VERIFIED
WordPress Core 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)
by Saif
EIP-2026-112185 EXPLOITDB text VERIFIED
Siteframe CMS 3.2.3 - 'user.php' SQL Injection
by AnGrY BoY
EIP-2026-110793 EXPLOITDB text VERIFIED
PHP-AddressBook 6.2.4 - 'group.php' SQL Injection
by hiphop
EIP-2026-109910 EXPLOITDB text
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
by Net.Edit0r
EIP-2026-109219 EXPLOITDB text VERIFIED
LoveCMS 1.6.2 - Cross-Site Request Forgery / Code Injection
by hiphop
EIP-2026-109130 EXPLOITDB text VERIFIED
LightNEasy 3.2.2 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-108958 EXPLOITDB text
kaibb 1.0.1 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-106617 EXPLOITDB text VERIFIED
DzTube - SQL Injection
by errnick qwe
EIP-2026-106465 EXPLOITDB text VERIFIED
Discovery TorrentTrader 2.6 - Multiple Vulnerabilities
by EsS4ndre
EIP-2026-106435 EXPLOITDB text
DGNews 2.1 - SQL Injection
by kalashnikov
EIP-2026-105229 EXPLOITDB text
ardeaCore 2.25 - PHP Framework Remote File Inclusion
by n0n0x
EIP-2026-101249 EXPLOITDB text VERIFIED
DD-WRT 24-preSP2 - Information Disclosure
by Craig Heffner
EIP-2026-107657 EXPLOITDB text VERIFIED
HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection
by non customers
CVE-2010-4693 EXPLOITDB text VERIFIED
Coppermine Photo Gallery <1.5.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
by waraxe
EIP-2026-113236 EXPLOITDB text VERIFIED
Web@all 1.1 - Remote Admin Settings Change
by Giuseppe D'Inverno
EIP-2026-111334 EXPLOITDB text VERIFIED
Pligg CMS 1.1.3 - 'range' SQL Injection
by Dr.NeT
EIP-2026-110287 EXPLOITDB text
OpenEMR 3.2.0 - SQL Injection / Cross-Site Scripting
by blake
CVE-2010-4276 EXPLOITDB text VERIFIED
LiveZilla 3.2.0.2 - Cross-Site Scripting via livezilla Parameter in server.php
Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php.
by Ulisses Castro
EIP-2026-100083 EXPLOITDB text VERIFIED
Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service
by Pouya Daneshmand
EIP-2026-107880 EXPLOITDB text VERIFIED
Interact 2.4.1 - SQL Injection
by IR Security
EIP-2026-106246 EXPLOITDB text VERIFIED
CruxCMS 3.0 - Multiple Input Validation Vulnerabilities
by ToXiC
EIP-2026-112945 EXPLOITDB text
Vacation Rental Script 4.0 - Cross-Site Request Forgery
by OnurTURKESHAN
EIP-2026-112778 EXPLOITDB text
Traidnt Up 3.0 - Cross-Site Request Forgery
by P0C T34M
By Source
All 31,386 Writeup 62,526 Exploitdb 50,076 Nomisec 22,480 Github 3,713 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,614 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25