Exploitdb Exploits

31,344 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108346 EXPLOITDB text VERIFIED
Joomla! Component com_fireboard - 'Itemid' SQL Injection
by ViRuS Qalaa
EIP-2026-107520 EXPLOITDB text
Guestbook Script PHP - Cross-Site Scripting / HTML Injection
by AnTi SeCuRe
CVE-2010-2862 EXPLOITDB text VERIFIED
Adobe Reader <9.3.3 - RCE
Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.
by Ramz Afzar
EIP-2026-112398 EXPLOITDB text VERIFIED
Sports Accelerator Suite 2.0 - 'news_id' SQL Injection
by LiquidWorm
EIP-2026-112007 EXPLOITDB text
sFileManager 24a - Local File Inclusion
by Pepelux
EIP-2026-104916 EXPLOITDB text
ACollab - Multiple Vulnerabilities
by AmnPardaz
EIP-2026-118878 EXPLOITDB text VERIFIED
Microsoft Windows Kerberos - 'Pass The Ticket' Replay Security Bypass
by Emmanuel Bouillon
EIP-2026-116252 EXPLOITDB text VERIFIED
SmartCode ServerX VNC Server ActiveX 1.1.5.0 - 'scvncsrvx.dll' Denial of Service
by LiquidWorm
EIP-2026-111346 EXPLOITDB text
Plogger - Remote File Disclosure
by Mr.tro0oqy
CVE-2010-4939 EXPLOITDB text
PHP <MailForm 1.2 - RCE
PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter.
by LoSt.HaCkEr
CVE-2010-4934 EXPLOITDB text
Get Tube <4.51 - SQL Injection
SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Mr.P3rfekT
EIP-2026-106771 EXPLOITDB text VERIFIED
Edit-X PHP CMS - 'search_text' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-105999 EXPLOITDB text VERIFIED
CMS Source - Multiple Input Validation Vulnerabilities
by High-Tech Bridge SA
EIP-2026-119569 EXPLOITDB text
PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion
by LoSt.HaCkEr
CVE-2009-3252 EXPLOITDB text VERIFIED
Dave Robinson Rockbandcms - SQL Injection
Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters.
by Affix
EIP-2026-104073 EXPLOITDB text VERIFIED
ServletExec - Directory Traversal / Authentication Bypass
by Stefano Di Paola
EIP-2026-102470 EXPLOITDB text VERIFIED
Computer Associates Oneview Monitor 6.0 - 'doSave.jsp' Remote Code Execution
by Giorgio Fedon
EIP-2026-119047 EXPLOITDB text VERIFIED
Portable Document Format - Specification Signature Collision
by Florian Zumbiehl
CVE-2010-4943 EXPLOITDB text
Saurus CMS 4.7.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php.
by LoSt.HaCkEr
EIP-2026-111134 EXPLOITDB text
phpMUR - Remote File Disclosure
by Offensive
EIP-2026-109741 EXPLOITDB text VERIFIED
MybbCentral TagCloud 2.0 - 'Topic' HTML Injection
by 3ethicalhackers.com
EIP-2026-109031 EXPLOITDB text VERIFIED
KnowledgeTree 3.5.2 Community Edition - Persistent Cross-Site Scripting
by fdiskyou
CVE-2010-4924 EXPLOITDB text
clearBudget <0.9.8 - RCE
PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party
by Offensive
EIP-2026-102455 EXPLOITDB text
Apache JackRabbit 2.0.0 - webapp XPath Injection
by ADEO Security
EIP-2026-118262 EXPLOITDB text VERIFIED
AoA Audio Extractor - Remote ActiveX SEH JIT Spray (ASLR + DEP Bypass)
by Dr_IDE
By Source
All 31,344 Writeup 60,398 Exploitdb 50,009 Nomisec 21,907 Metasploit 3,227 Github 2,752 Vulncheck_xdb 907 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,344 python 6,044 ruby 5,916 c 3,579 perl 2,849 html 2,054 php 1,326 bash 460 java 364 c++ 251 javascript 220 shell 97 go 61 postscript 25 xml 24