Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-112290 EXPLOITDB text
Social Engine 4.x (Music Plugin) - Arbitrary File Upload
by MyDoom
EIP-2026-111333 EXPLOITDB text
Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting
by Michael Brooks
EIP-2026-110247 EXPLOITDB text
openauto 1.6.3 - Multiple Vulnerabilities
by Michael Brooks
EIP-2026-109220 EXPLOITDB text VERIFIED
LoveCMS 1.6.2 Final - Multiple Local File Inclusions
by cOndemned
EIP-2026-108373 EXPLOITDB text VERIFIED
Joomla! Component com_idoblog - SQL Injection
by NOCKAR1111
EIP-2026-112403 EXPLOITDB text VERIFIED
SquareCMS 0.3.1 - 'post.php' SQL Injection
by cOndemned
EIP-2026-108604 EXPLOITDB text VERIFIED
Joomla! Component com_xmovie 1.0 - Local File Inclusion
by KelvinX
EIP-2026-107757 EXPLOITDB text
iDevSpot iDevCart 1.10 - Multiple Local File Inclusions
by v3n0m
EIP-2026-103143 EXPLOITDB text VERIFIED
IBM Tivoli Access Manager 6.1.1 for E-Business - Directory Traversal
by anonymous
EIP-2026-114554 EXPLOITDB text VERIFIED
Ypninc Realty Classifieds - SQL Injection
by Br0ly
EIP-2026-112298 EXPLOITDB text VERIFIED
Social Share - 'search' Cross-Site Scripting
by Aliaksandr Hartsuyeu
CVE-2010-5096 EXPLOITDB text VERIFIED
MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
by Aung Khant
CVE-2010-5096 EXPLOITDB text VERIFIED
MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
by Aung Khant
EIP-2026-108486 EXPLOITDB text
Joomla! Component com_ponygallery - Remote File Inclusion
by AtT4CKxT3rR0r1ST
EIP-2026-108256 EXPLOITDB text
Joomla! Component com_adsmanager - Remote File Inclusion
by AtT4CKxT3rR0r1ST
EIP-2026-107948 EXPLOITDB text VERIFIED
IPN Development Handler 2.0 - Multiple Vulnerabilities
by AtT4CKxT3rR0r1ST
EIP-2026-106270 EXPLOITDB text
CubeCart 3.0.4 - SQL Injection
by Dr.NeT
EIP-2026-105647 EXPLOITDB text VERIFIED
Built2Go PHP Shopping - SQL Injection
by Br0ly
EIP-2026-103860 EXPLOITDB text VERIFIED
Appweb Web Server 3.2.2-1 - Cross-Site Scripting
by Gjoko Krstic
EIP-2026-101657 EXPLOITDB text
D-Link WBR-1310 - Authentication Bypass
by Craig Heffner
EIP-2026-113524 EXPLOITDB text VERIFIED
WordPress Plugin Accept Signups 0.1 - Cross-Site Scripting
by clshack
EIP-2026-113523 EXPLOITDB text VERIFIED
WordPress Plugin Accept Signups 0.1 - 'email' Cross-Site Scripting
by clshack
EIP-2026-108243 EXPLOITDB text VERIFIED
Joomla! Component Classified - SQL Injection
by R4dc0re
CVE-2010-4566 EXPLOITDB text VERIFIED
Citrix Access Gateway <5.0 - Command Injection
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field.
by George D. Gal
EIP-2026-100859 EXPLOITDB text VERIFIED
Mitel AWC - Command Execution
by Procheckup
By Source
All 31,386 Writeup 62,526 Exploitdb 50,076 Nomisec 22,480 Github 3,713 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,614 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25