Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-103835 EXPLOITDB text VERIFIED
Accton-based switches (3com / Dell / SMC / Foundry / EdgeCore) - Backdoor Password
by Edwin Eefting
EIP-2026-100513 EXPLOITDB text VERIFIED
rainbowportal - Multiple Vulnerabilities
by Abysssec
EIP-2026-119216 EXPLOITDB text VERIFIED
TFTPDWIN 0.4.2 - Directory Traversal
by chr1x
EIP-2026-119213 EXPLOITDB text VERIFIED
tftp desktop 2.5 - Directory Traversal
by chr1x
EIP-2026-115549 EXPLOITDB text VERIFIED
LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities
by LiquidWorm
EIP-2026-114952 EXPLOITDB text
Autodesk MapGuide Viewer - ActiveX Denial of Service
by d3b4g
EIP-2026-111825 EXPLOITDB text VERIFIED
Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
EIP-2026-110710 EXPLOITDB text VERIFIED
PHP Joke Site Software - 'sbjoke_id' SQL Injection
by h4ck3r
CVE-2010-4879 EXPLOITDB text
dompdf 0.6.0 beta1 - Remote Code Execution via input_file Parameter
PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter.
by Andre_Corleone
EIP-2026-105163 EXPLOITDB text VERIFIED
Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities
by High-Tech Bridge SA
EIP-2026-104530 EXPLOITDB text VERIFIED
Novell Netware 6.5 - OpenSSH Remote Stack Overflow
by Francis Provencher
EIP-2026-113228 EXPLOITDB text VERIFIED
Web-Ideas Web Shop Standard - SQL Injection
by Ariko-Security
CVE-2010-3211 EXPLOITDB text VERIFIED
JE FAQ Pro 1.5.0 - SQL Injection
Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action.
by Chip d3 bi0s
CVE-2010-3003 EXPLOITDB text VERIFIED
HP Insight Diagnostics Online Edition <8.5.0-11 - XSS
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Mr Teatime
CVE-2010-1818 EXPLOITDB text VERIFIED
Apple QuickTime <7.6.8 - RCE
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
by Ruben Santamarta
CVE-2010-3209 EXPLOITDB text
Seagull 0.6.7 - RCE
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/pear/DB/NestedSet.php, and the (4) path parameter to fog/lib/pear/DB/NestedSet/Output.php.
by FoX HaCkEr
CVE-2010-3203 EXPLOITDB text VERIFIED
PicSell 1.0 - Path Traversal
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.
by Craw
EIP-2026-113360 EXPLOITDB text VERIFIED
WebsiteKit Gbplus - 'Name' / 'Body' HTML Injection
by MiND
EIP-2026-112994 EXPLOITDB text
vBulletin 3.8.4/3.8.5 - Registration Bypass
by Immortal Boy
CVE-2010-3212 EXPLOITDB text VERIFIED
Seagull <0.6.7 - SQL Injection
SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO.
by Sweet
CVE-2010-3210 EXPLOITDB text
Multi-lingual E-Commerce System 0.2 - RCE
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) checkout2-CYM.php, (2) checkout2-EN.php, (3) checkout2-FR.php, (4) cat-FR.php, (5) cat-EN.php, (6) cat-CYM.php, (7) checkout1-CYM.php, (8) checkout1-EN.php, (9) checkout1-FR.php, (10) prod-CYM.php, (11) prod-EN.php, and (12) prod-FR.php in inc/.
by JosS