Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-108075 EXPLOITDB text VERIFIED
JE CMS 1.0.0 - Authentication Bypass
by Abysssec
EIP-2026-106655 EXPLOITDB text
e107 0.7.23 - SQL Injection
by High-Tech Bridge SA
EIP-2026-104912 EXPLOITDB text VERIFIED
Achievo 1.4.3 - Multiple Authorisation Vulnerabilities
by Pablo Milano
EIP-2026-104911 EXPLOITDB text VERIFIED
Achievo 1.4.3 - Cross-Site Request Forgery
by Pablo Milano
EIP-2026-100153 EXPLOITDB text VERIFIED
AtomatiCMS - Upload Arbitrary File
by Abysssec
CVE-2010-4946 EXPLOITDB text
ALLPC 2.5 - SQL Injection
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
by **RoAd_KiLlEr**
CVE-2010-4947 EXPLOITDB text
ALLPC 2.5 - XSS
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
by **RoAd_KiLlEr**
EIP-2026-115277 EXPLOITDB text VERIFIED
Fox Audio Player 0.8.0 - '.m3u' Denial of Service
by 4n0nym0us
EIP-2026-110508 EXPLOITDB text VERIFIED
pbboard 2.1.1 - Multiple Vulnerabilities
by JIKO
EIP-2026-109864 EXPLOITDB text VERIFIED
NetArt Media Car Portal 2.0 - 'car' SQL Injection
by RoAd_KiLlEr
EIP-2026-109788 EXPLOITDB text VERIFIED
MySITE - SQL Injection / Cross-Site Scripting
by MustLive
CVE-2010-3695 EXPLOITDB text VERIFIED
Horde Imp < 4.3.7 - XSS
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration.
by Moritz Naumann
CVE-2010-4935 EXPLOITDB text VERIFIED
Entrans <0.3.2 - SQL Injection
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter.
by keracker
EIP-2026-105713 EXPLOITDB text VERIFIED
Car Portal 2.0 - Blind SQL Injection
by **RoAd_KiLlEr**
EIP-2026-100453 EXPLOITDB text VERIFIED
ndCMS - SQL Injection
by Abysssec
EIP-2026-110539 EXPLOITDB text VERIFIED
PEEL Premium 5.71 - SQL Injection
by KnocKout
CVE-2010-3468 EXPLOITDB text VERIFIED
Mura CMS <5.1.498-5.2.2809 & Sava CMS 5-5.2 - Path Traversal
Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 through 5.2, allows remote attackers to read arbitrary files via a .. (dot dot) in the FILEID parameter to the default URI under tasks/render/file/.
by mr_me
EIP-2026-100341 EXPLOITDB text VERIFIED
gokhun asp stok 1.0 - Multiple Vulnerabilities
by KnocKout
EIP-2026-100605 EXPLOITDB text VERIFIED
VisualSite CMS 1.3 - Multiple Vulnerabilities
by Abysssec
EIP-2026-119570 EXPLOITDB text VERIFIED
Traidnt UP - Cross-Site Request Forgery (Add Admin)
by John Johnz
CVE-2010-4944 EXPLOITDB text
Mambo/Joomla! - com_elite_experts - SQL Injection
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.
by **RoAd_KiLlEr**
CVE-2010-3490 EXPLOITDB text VERIFIED
FreePBX <2.8.0 - Path Traversal
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root.
by Trustwave's SpiderLabs
EIP-2026-106056 EXPLOITDB text
Collaborative Passwords Manager 1.07 - Multiple Local File Inclusions
by sh00t0ut
EIP-2026-115651 EXPLOITDB text VERIFIED
Microsoft Excel 2002 - Memory Corruption
by Abysssec
EIP-2026-115650 EXPLOITDB text VERIFIED
Microsoft Excel - HFPicture Record Parsing Memory Corruption
by Abysssec