Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-111236 EXPLOITDB text VERIFIED
PHPWCMS 1.4.5 - 'PHPwcms.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-108845 EXPLOITDB text VERIFIED
Joomla! Component redSHOP 1.0.23.1 - Blind SQL Injection
by Salvatore Fresta
EIP-2026-107375 EXPLOITDB text VERIFIED
Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-107076 EXPLOITDB text VERIFIED
FestOS 2.3 - 'contents' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-105702 EXPLOITDB text VERIFIED
Campsite CMS - Remote Persistent Cross-Site Scripting
by D4rk357
CVE-2010-2905 EXPLOITDB text VERIFIED
ScriptsFeed/BrotherScripts - SQL Injection
SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
by D4rk357
EIP-2026-103688 EXPLOITDB text VERIFIED
Unreal Engine - 'ReceivedRawBunch()' Denial of Service
by Luigi Auriemma
CVE-2010-2782 EXPLOITDB text VERIFIED
Novell Groupwise Webaccess - Stack Overflow
by Francis Provencher
EIP-2026-102529 EXPLOITDB text VERIFIED
ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - Cross-Site Scripting
by Markot
EIP-2026-106029 EXPLOITDB text
CMSQLite - SQL Injection
by High-Tech Bridge SA
EIP-2026-104932 EXPLOITDB text
Ad Network Script - Persistent Cross-Site Scripting
by Sid3^effects
EIP-2026-104819 EXPLOITDB text
2DayBiz Businesscard Script - Authentication Bypass
by D4rk357
CVE-2010-1870 EXPLOITDB text
Apache Struts 2.0.0-2.1.8.1 - Remote Code Execution via OGNL Context Variable Manipulation
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.
by Meder Kydyraliev
EIP-2026-119361 EXPLOITDB text VERIFIED
dotDefender 4.02 - Authentication Bypass
by David K
CVE-2010-2383 EXPLOITDB text VERIFIED
Oracle Solaris <10 - Info Disclosure
Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.
by Frank Stuart
CVE-2010-0916 EXPLOITDB text VERIFIED
Oracle OpenSolaris 10 - Info Disclosure
Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rdist.
by Monarch Rich
EIP-2026-108500 EXPLOITDB text
Joomla! Component com_qcontacts - SQL Injection
by _mlk_
EIP-2026-107696 EXPLOITDB text VERIFIED
I-net Enquiry Management Script - SQL Injection
by D4rk357
EIP-2026-106437 EXPLOITDB text VERIFIED
Diem 5.1.2 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-106284 EXPLOITDB text
CustomCMS - Persistent Cross-Site Scripting
by Sid3^effects
CVE-2010-2917 EXPLOITDB text
AJ Square AJ Article 3.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) emailid, (2) fname, (3) lname, (4) company, (5) address1, (6) address2, (7) city, (8) state, (9) zipcode, (10) phone, and (11) fax parameters in an update action. NOTE: some of these details are obtained from third party information.
by Sid3^effects
CVE-2010-2375 EXPLOITDB text VERIFIED
Oracle Fusion Middleware - Confidentiality Integrity
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
by Timothy D. Morgan
CVE-2010-2370 EXPLOITDB text VERIFIED
Oracle Fusion Middleware <10.3 - Info Disclosure
Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM.
by Markot
EIP-2026-115096 EXPLOITDB text VERIFIED
Corel Presentations X5 15.0.0.357 - 'shw' Buffer Preoccupation (PoC)
by LiquidWorm
EIP-2026-108670 EXPLOITDB text VERIFIED
Joomla! Component healthstats - Persistent Cross-Site Scripting
by Sid3^effects
By Source
All 31,386 Writeup 62,633 Exploitdb 50,076 Nomisec 22,505 Github 3,761 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 483 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,641 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,335 bash 462 java 371 c++ 261 javascript 231 shell 140 go 75 postscript 25 typescript 25