Exploitdb Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-111334 EXPLOITDB text VERIFIED
Pligg CMS 1.1.3 - 'range' SQL Injection
by Dr.NeT
EIP-2026-110287 EXPLOITDB text
OpenEMR 3.2.0 - SQL Injection / Cross-Site Scripting
by blake
CVE-2010-4276 EXPLOITDB text VERIFIED
LiveZilla 3.2.0.2 - Cross-Site Scripting via livezilla Parameter in server.php
Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php.
by Ulisses Castro
EIP-2026-100083 EXPLOITDB text VERIFIED
Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service
by Pouya Daneshmand
EIP-2026-107880 EXPLOITDB text VERIFIED
Interact 2.4.1 - SQL Injection
by IR Security
EIP-2026-106246 EXPLOITDB text VERIFIED
CruxCMS 3.0 - Multiple Input Validation Vulnerabilities
by ToXiC
EIP-2026-112945 EXPLOITDB text
Vacation Rental Script 4.0 - Cross-Site Request Forgery
by OnurTURKESHAN
EIP-2026-112778 EXPLOITDB text
Traidnt Up 3.0 - Cross-Site Request Forgery
by P0C T34M
EIP-2026-112290 EXPLOITDB text
Social Engine 4.x (Music Plugin) - Arbitrary File Upload
by MyDoom
EIP-2026-111333 EXPLOITDB text
Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting
by Michael Brooks
EIP-2026-110247 EXPLOITDB text
openauto 1.6.3 - Multiple Vulnerabilities
by Michael Brooks
EIP-2026-109220 EXPLOITDB text VERIFIED
LoveCMS 1.6.2 Final - Multiple Local File Inclusions
by cOndemned
EIP-2026-108373 EXPLOITDB text VERIFIED
Joomla! Component com_idoblog - SQL Injection
by NOCKAR1111
EIP-2026-112403 EXPLOITDB text VERIFIED
SquareCMS 0.3.1 - 'post.php' SQL Injection
by cOndemned
EIP-2026-108604 EXPLOITDB text VERIFIED
Joomla! Component com_xmovie 1.0 - Local File Inclusion
by KelvinX
EIP-2026-107757 EXPLOITDB text
iDevSpot iDevCart 1.10 - Multiple Local File Inclusions
by v3n0m
EIP-2026-103143 EXPLOITDB text VERIFIED
IBM Tivoli Access Manager 6.1.1 for E-Business - Directory Traversal
by anonymous
EIP-2026-114554 EXPLOITDB text VERIFIED
Ypninc Realty Classifieds - SQL Injection
by Br0ly
EIP-2026-112298 EXPLOITDB text VERIFIED
Social Share - 'search' Cross-Site Scripting
by Aliaksandr Hartsuyeu
CVE-2010-5096 EXPLOITDB text VERIFIED
MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
by Aung Khant
CVE-2010-5096 EXPLOITDB text VERIFIED
MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
by Aung Khant
EIP-2026-108486 EXPLOITDB text
Joomla! Component com_ponygallery - Remote File Inclusion
by AtT4CKxT3rR0r1ST
EIP-2026-108256 EXPLOITDB text
Joomla! Component com_adsmanager - Remote File Inclusion
by AtT4CKxT3rR0r1ST
EIP-2026-107948 EXPLOITDB text VERIFIED
IPN Development Handler 2.0 - Multiple Vulnerabilities
by AtT4CKxT3rR0r1ST
EIP-2026-106270 EXPLOITDB text
CubeCart 3.0.4 - SQL Injection
by Dr.NeT