Text Exploits

31,386 exploits tracked across all sources.

CVE-2010-2846 EXPLOITDB text VERIFIED
InterJoomla ArtForms (com_artforms) 2.1b7.2 RC2 - Cross-Site Scripting via afmsg Parameter
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php.
by Salvatore Fresta
CVE-2010-2697 EXPLOITDB text VERIFIED
Sijio Community Software - Authenticated Stored Cross-Site Scripting via Blog Title Parameter
Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information.
by Sid3^effects
CVE-2010-2696 EXPLOITDB text VERIFIED
Sijio Community Software - SQL Injection
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.
by Sid3^effects
CVE-2010-1964 EXPLOITDB text VERIFIED
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
by bitform
EIP-2026-114372 EXPLOITDB text VERIFIED
Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities
by Andrei Rimsa Alvares
CVE-2010-4986 EXPLOITDB text VERIFIED
Simple Document Management System - SQL Injection
SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
by Sid3^effects
CVE-2010-2698 EXPLOITDB text VERIFIED
Sijio Community Software - Authenticated Cross-Site Scripting via Title Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authenticated users to inject arbitrary web script or HTML via the title parameter when (1) editing a new blog, (2) adding an album, or (3) editing an album. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Sid3^effects
EIP-2026-111833 EXPLOITDB text VERIFIED
RunCMS 2.1 - 'check.php' Cross-Site Scripting
by Andrei Rimsa Alvares
CVE-2010-4992 EXPLOITDB text
Payments Plus 2.1.5 - SQL Injection
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html.
by Sid3^effects
CVE-2010-2848 EXPLOITDB text VERIFIED
InterJoomla ArtForms <2.1b7.2 - Path Traversal
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.
by Salvatore Fresta
EIP-2026-107491 EXPLOITDB text VERIFIED
Green Shop - SQL Injection
by PrinceofHacking
CVE-2010-5002 EXPLOITDB text VERIFIED
Exponent CMS 0.97.0 - Cross-Site Scripting via u Parameter
Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter.
by Andrei Rimsa Alvares
EIP-2026-103686 EXPLOITDB text VERIFIED
Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow / Array Indexing Overflow
by Luigi Auriemma
CVE-2010-2655 EXPLOITDB text VERIFIED
IBM Advanced Management Module < 2.48 - Authenticated Path Traversal via DIR Parameter
Directory traversal vulnerability in private/file_management.php on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allows remote authenticated users to list arbitrary directories and possibly have unspecified other impact via a .. (dot dot) in the DIR parameter.
by Alexey Sintsov
CVE-2010-2654 EXPLOITDB text VERIFIED
IBM BladeCenter AMM <4.7 and 5.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allow remote attackers to inject arbitrary web script or HTML via the (1) INDEX or (2) IPADDR parameter to private/cindefn.php, (3) the domain parameter to private/power_management_policy_options.php, the slot parameter to (4) private/pm_temp.php or (5) private/power_module.php, (6) the WEBINDEX parameter to private/blade_leds.php, or (7) the SLOT parameter to private/ipmi_bladestatus.php.
by Alexey Sintsov
EIP-2026-116346 EXPLOITDB text VERIFIED
Sun Java Web Server 7.0 u7 - Admin Interface Denial of Service
by muts
EIP-2026-111887 EXPLOITDB text VERIFIED
sandbox 2.0.3 - Multiple Vulnerabilities
by Salvatore Fresta
CVE-2010-2716 EXPLOITDB text
PsNews 1.3 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.
by S.W.T
EIP-2026-111493 EXPLOITDB text VERIFIED
PreProject Multi-Vendor Shopping Malls - SQL Injection / Authentication Bypass
by **RoAd_KiLlEr**
EIP-2026-109974 EXPLOITDB text VERIFIED
NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (2)
by Ivan Sanchez
CVE-2010-2721 EXPLOITDB text VERIFIED
RightInPoint Lyrics Script 3.0 - SQL Injection
SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.
by Sid3^effects
CVE-2010-4995 EXPLOITDB text
NeoRecruit 1.6.4 - SQL Injection via Itemid Parameter
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506.
by Sid3^effects
CVE-2010-5003 EXPLOITDB text VERIFIED
Joomla! AutarTimonial 1.0.8 - SQL Injection
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
by Sid3^effects
CVE-2010-2656 EXPLOITDB text VERIFIED
IBM Advanced Management Module < 2.48 - Unauthenticated Sensitive Information Exposure via Direct Request
The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) logs or (2) core files via direct requests, as demonstrated by a request for private/sdc.tgz.
by Alexey Sintsov
EIP-2026-107700 EXPLOITDB text VERIFIED
i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-Site Scripting
by Andrea Bocchetti