Text Exploits

31,386 exploits tracked across all sources.

CVE-2010-4412 EXPLOITDB text VERIFIED
pfSense 2 beta 4 - Cross-Site Scripting via id Parameter in pkg_edit.php
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.
by dave b
CVE-2010-4631 EXPLOITDB text VERIFIED
pilot_cart 7.3 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME parameter to (2) gateway.asp and (3) cart.asp, and the specific parameter to (4) quote.asp and (5) buyitnow.
by Ariko-Security
EIP-2026-118544 EXPLOITDB text VERIFIED
filecopa ftp server 6.01 - Directory Traversal
by Pawel Wylecial
EIP-2026-111582 EXPLOITDB text
Punbb 1.3.4 - Multiple Full Path Disclosures
by SYSTEM_OVERIDE
CVE-2010-4632 EXPLOITDB text VERIFIED
pilot_cart 7.3 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
by Ariko-Security
CVE-2010-10011 EXPLOITDB MEDIUM text VERIFIED
Acritum Femitter Server 1.04 - Path Traversal
A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250446 is the identifier assigned to this vulnerability.
by chr1x
CVSS 4.3
EIP-2026-118285 EXPLOITDB text VERIFIED
AT-TFTP Server 1.8 - Directory Traversal
by Yakir Wizman
EIP-2026-115320 EXPLOITDB text
G Data TotalCare 2011 - 'NtOpenKey' Race Condition
by Nikita Tarakanov
EIP-2026-114587 EXPLOITDB text
Zeeways Adserver - Multiple Vulnerabilities
by Valentin
EIP-2026-111026 EXPLOITDB text
phpCow 2.1 - File Inclusion
by ViRuS_HiMa
EIP-2026-109335 EXPLOITDB text
MassMirror Uploader - Remote File Inclusion
by ViciOuS
EIP-2026-108351 EXPLOITDB text VERIFIED
Joomla! Component com_forme 1.0.5 - Multiple Vulnerabilities
by jdc
EIP-2026-108326 EXPLOITDB text VERIFIED
Joomla! Component com_dcnews - Local File Inclusion
by Th3 RDX
EIP-2026-108316 EXPLOITDB text VERIFIED
Joomla! Component com_connect - Local File Inclusion
by Th3 RDX
EIP-2026-119289 EXPLOITDB text VERIFIED
WinTFTP Server Pro 3.1 - Directory Traversal
by Yakir Wizman
EIP-2026-119067 EXPLOITDB text
Quick Tftp Server Pro 2.1 - Directory Traversal
by Yakir Wizman
EIP-2026-115244 EXPLOITDB text VERIFIED
FileFuzz - Denial of Service
by Sweet
CVE-2010-3639 EXPLOITDB text VERIFIED
Adobe Flash Player < 9.0.289.0 - Denial of Service or Remote Code Execution
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
by Matthew Bergin
CVE-2010-4853 EXPLOITDB text VERIFIED
chillcreations com_ccinvoices - SQL Injection via id Parameter
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php.
by FL0RiX
EIP-2026-108215 EXPLOITDB text VERIFIED
Joomla! Component AutoArticles 3000 - SQL Injection
by jos_ali_joe
EIP-2026-108175 EXPLOITDB text VERIFIED
Joomla! 1.5.x - SQL Error Information Disclosure
by YGN Ethical Hacker Group
CVE-2010-4246 EXPLOITDB text VERIFIED
pfSense 1.2.3 and 2 beta 4 - Cross-Site Scripting via graph.php ifnum or ifname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182.
by dave b
CVE-2010-3709 EXPLOITDB text
PHP 5.2.0-5.2.14 and 5.3.0-5.3.3 - Denial of Service via ZipArchive::getArchiveComment
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
by Maksymilian Arciemowicz