Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106925 EXPLOITDB text VERIFIED
Evaria Content Management System 1.1 - File Disclosure
by khayeye shotor
CVE-2010-4866 EXPLOITDB text VERIFIED
chipmunk_board 1.3 - SQL Injection via forumID Parameter
SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter.
by Shamus
EIP-2026-100825 EXPLOITDB text VERIFIED
Intellicom Netbiter webSCADA Products - 'read.cgi' Multiple Remote Security Vulnerabilities
by Eugene Salov
CVE-2010-4865 EXPLOITDB text VERIFIED
JE Guestbook (com_jeguestbook) 1.0 - SQL Injection
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
by Salvatore Fresta
EIP-2026-108124 EXPLOITDB text
JomSocial 1.8.8 - Arbitrary File Upload
by Jeff Channell
EIP-2026-100135 EXPLOITDB text VERIFIED
ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery
by Abysssec
CVE-2010-1245 EXPLOITDB text VERIFIED
Microsoft Office <2008 for Mac - RCE
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821.
by Abysssec
EIP-2026-113368 EXPLOITDB text
Webspell 4.x - safe_query Bypass
by silent vapor
CVE-2010-4861 EXPLOITDB text VERIFIED
webSPELL 4.2.1 - SQL Injection via asearch.php Search Parameter
SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
by silent vapor
EIP-2026-111353 EXPLOITDB text VERIFIED
Pluck CMS 4.6.3 - 'cont1' HTML Injection
by High-Tech Bridge SA
CVE-2010-4860 EXPLOITDB text VERIFIED
MyPhpAuction 2010 - SQL Injection via product_desc.php id Parameter
SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by h4ck3r
CVE-2010-5278 EXPLOITDB text VERIFIED
MODx Revolution <2.0.2-pl - Path Traversal
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information.
by John Leitch
CVE-2010-4883 EXPLOITDB text VERIFIED
MODx Revolution 2.0.2-pl - Cross-Site Scripting via modhash Parameter
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.
by John Leitch
EIP-2026-119347 EXPLOITDB text
Aleza Portal 1.6 - Insecure SQL Injection / Cookie Handling
by KnocKout
CVE-2010-4821 EXPLOITDB text VERIFIED
phpmyfaq < 2.6.9 - Cross-Site Scripting via PATH_INFO to index.php
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
by Yam Mesicka
EIP-2026-109445 EXPLOITDB text
Micro CMS 1.0 b1 - Persistent Cross-Site Scripting
by SecPod Research
EIP-2026-109443 EXPLOITDB text VERIFIED
Micro CMS 1.0 - 'name' HTML Injection (1)
by Veerendra G.G
EIP-2026-108075 EXPLOITDB text VERIFIED
JE CMS 1.0.0 - Authentication Bypass
by Abysssec
EIP-2026-106655 EXPLOITDB text
e107 0.7.23 - SQL Injection
by High-Tech Bridge SA
EIP-2026-104912 EXPLOITDB text VERIFIED
Achievo 1.4.3 - Multiple Authorisation Vulnerabilities
by Pablo Milano
EIP-2026-104911 EXPLOITDB text VERIFIED
Achievo 1.4.3 - Cross-Site Request Forgery
by Pablo Milano
EIP-2026-100153 EXPLOITDB text VERIFIED
AtomatiCMS - Upload Arbitrary File
by Abysssec
CVE-2010-4946 EXPLOITDB text
ALLPC 2.5 - SQL Injection via products_id Parameter
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
by **RoAd_KiLlEr**
CVE-2010-4947 EXPLOITDB text
ALLPC 2.5 - Cross-Site Scripting via Advanced Search Keywords Parameter
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
by **RoAd_KiLlEr**
EIP-2026-115277 EXPLOITDB text VERIFIED
Fox Audio Player 0.8.0 - '.m3u' Denial of Service
by 4n0nym0us
By Source
All 31,386 Writeup 62,573 Exploitdb 50,076 Nomisec 22,496 Github 3,735 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,630 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25