Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-106528 EXPLOITDB text
Dolphin 7.0.3 - Multiple Vulnerabilities
by anT!-Tr0J4n
EIP-2026-105344 EXPLOITDB text
Azaronline Design - SQL Injection
by XroGuE
CVE-2010-3863 EXPLOITDB text VERIFIED
Apache Shiro < 1.0.0 - Path Traversal
Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
by Luke Taylor
CVE-2010-3879 EXPLOITDB text VERIFIED
Libfuse < 2.8.5 - Symlink Following
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.
by halfdog
CVE-2010-4635 EXPLOITDB text VERIFIED
Site2nite Vacation Rental Listings - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by L0rd CrusAd3r
CVE-2010-4636 EXPLOITDB text VERIFIED
Site2nite Business E-listings - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by L0rd CrusAd3r
CVE-2010-4186 EXPLOITDB text VERIFIED
Onlinetechtools.com Oasys Professional - SQL Injection
SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information.
by L0rd CrusAd3r
EIP-2026-100241 EXPLOITDB text VERIFIED
Digger Solutions NewsLetter Open Source - SQL Injection
by L0rd CrusAd3r
EIP-2026-100229 EXPLOITDB text VERIFIED
Comrie Software Pay Roll Time Sheet & Punch Card - Authentication Bypass
by L0rd CrusAd3r
CVE-2010-4181 EXPLOITDB text
Yaws - Path Traversal
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
by nitr0us
EIP-2026-119055 EXPLOITDB text VERIFIED
Project Jug 1.0.0 - Directory Traversal
by John Leitch
EIP-2026-118920 EXPLOITDB text VERIFIED
Mongoose Web Server 2.11 - Directory Traversal
by nitr0us
EIP-2026-114404 EXPLOITDB text VERIFIED
XAMPP 1.7.3 - Multiple Vulnerabilities
by TheLeader
CVE-2010-3977 EXPLOITDB text VERIFIED
Deliciousdays Cforms - XSS
Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
by Wagner Elias
EIP-2026-112246 EXPLOITDB text VERIFIED
SmartOptimizer - Null Character Remote Information Disclosure
by Francois Harvey
EIP-2026-106815 EXPLOITDB text VERIFIED
Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
by dave b
CVE-2010-4269 EXPLOITDB text
O-dyn Collabtive - SQL Injection
SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action.
by Anatolia Security
EIP-2026-103923 EXPLOITDB text VERIFIED
Home File Share Server 0.7.2 32 - Directory Traversal
by John Leitch
EIP-2026-100281 EXPLOITDB text VERIFIED
douran portal 3.9.7.55 - Multiple Vulnerabilities
by ITSecTeam
EIP-2026-100280 EXPLOITDB text VERIFIED
Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting
by ITSecTeam
EIP-2026-119149 EXPLOITDB text VERIFIED
SmallFTPd 1.0.3 - Directory Traversal
by Yakir Wizman
CVE-2010-4272 EXPLOITDB text VERIFIED
Pulseinfotech Com Sponsorwall - SQL Injection
SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
by FL0RiX
CVE-2010-4268 EXPLOITDB text VERIFIED
Pulseinfotech Com Flipwall - SQL Injection
SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
by FL0RiX
EIP-2026-114647 EXPLOITDB text
Zoopeer 0.1/0.2 - 'FCKeditor' Arbitrary File Upload
by Net.Edit0r
EIP-2026-112157 EXPLOITDB text
Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage
by p0deje