Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105622 EXPLOITDB text
Bs Auction Script - SQL Injection
by Sid3^effects
EIP-2026-105493 EXPLOITDB text VERIFIED
Bitweaver 2.7 - 'fImg' Cross-Site Scripting
by John Leitch
EIP-2026-105421 EXPLOITDB text VERIFIED
bbPress 1.0.2 - Cross-Site Request Forgery (Change Admin Password)
by saudi0hacker
EIP-2026-103942 EXPLOITDB text VERIFIED
id Software id Tech 4 Engine - 'key' Packet Remote Code Execution
by Luigi Auriemma
EIP-2026-103454 EXPLOITDB text VERIFIED
EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow
by Pedro Andujar
CVE-2010-2714 EXPLOITDB text VERIFIED
TCW PHP Album 1.0 - SQL Injection via Album Parameter
SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote attackers to execute arbitrary SQL commands via the album parameter.
by L0rd CrusAd3r
EIP-2026-114056 EXPLOITDB text VERIFIED
WordPress Plugin Simple:Press 4.3.0 - SQL Injection
by ADEO Security
CVE-2010-2715 EXPLOITDB text VERIFIED
TCW PHP Album 1.0 - Cross-Site Scripting via Album Parameter
Cross-site scripting (XSS) vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the album parameter.
by L0rd CrusAd3r
EIP-2026-111886 EXPLOITDB text VERIFIED
Sandbox 2.0.2 - Local File Inclusion
by saudi0hacker
EIP-2026-111043 EXPLOITDB text VERIFIED
phpFaber CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities
by prodigy
CVE-2010-2719 EXPLOITDB text
phpaaCms 0.3.1 UTF-8 - SQL Injection via show.php id Parameter
SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Shafiq-Ur-Rehman
CVE-2010-2720 EXPLOITDB text
phpaaCms 0.3.1 UTF-8 - SQL Injection via list.php id Parameter
SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
by CoBRa_21
EIP-2026-108828 EXPLOITDB text
Joomla! Component Phoca Gallery 2.7.3 - SQL Injection
by RoAd_KiLlEr
CVE-2010-4991 EXPLOITDB text
ninjaforge ninjamonials - SQL Injection via Itemid Parameter
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php.
by Sid3^effects
EIP-2026-108655 EXPLOITDB text
Joomla! Component Front-End Article Manager System - Arbitrary File Upload
by Sid3^effects
CVE-2010-4990 EXPLOITDB text
com_addressbook - SQL Injection via Itemid Parameter
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php.
by Sid3^effects
EIP-2026-107785 EXPLOITDB text
iLister Listing Software - Local File Inclusion
by Sid3^effects
CVE-2010-4999 EXPLOITDB text VERIFIED
esoftpro Online Photo Pro 2.0 - SQL Injection
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.
by L0rd CrusAd3r
CVE-2010-4996 EXPLOITDB text
Esoftpro Online Guestbook Pro 5.1 - SQL Injection
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
by L0rd CrusAd3r
CVE-2010-5001 EXPLOITDB text
Esoftpro Online Contact Manager 3.0 - SQL Injection
SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by L0rd CrusAd3r
EIP-2026-112511 EXPLOITDB text
SweetRice < 0.6.4 - 'FCKeditor' Arbitrary File Upload
by ITSecTeam
CVE-2010-4975 EXPLOITDB text
Techjoomla com_socialads - SQL Injection via Ads Description Field
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.
by Sid3^effects
CVE-2010-4993 EXPLOITDB text
Joomla! com_eventcal <1.6.4 - SQL Injection
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
by RoAd_KiLlEr
EIP-2026-108536 EXPLOITDB text VERIFIED
Joomla! Component com_seyret - Local File Inclusion
by Cooler_ unix
EIP-2026-107962 EXPLOITDB text VERIFIED
iScripts MultiCart 2.2 - Multiple SQL Injections
by Salvatore Fresta