Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107312 EXPLOITDB text VERIFIED
FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
CVE-2010-4988 EXPLOITDB text
Family Connections Who is Chatting <2.2.3 - RCE
PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter.
by lumut--
CVE-2012-6083 EXPLOITDB HIGH text VERIFIED
freeciv < 2.3.3 - Denial of Service via Crafted Packet
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
by Luigi Auriemma
CVSS 7.5
CVE-2010-4989 EXPLOITDB text
Ziggurat Farsi CMS - SQL Injection via main.asp grp Parameter
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
by Arash Saadatfar
CVE-2010-2731 EXPLOITDB text VERIFIED
Microsoft IIS 5.1 on Windows XP SP3 - Directory Authentication Bypass via Crafted Request
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
by Soroush Dalili
EIP-2026-111393 EXPLOITDB text
Pointter Social Network - Local File Inclusion
by Sid3^effects
EIP-2026-108535 EXPLOITDB text
Joomla! Component com_seyret - Blind SQL Injection
by RoAd_KiLlEr
EIP-2026-107957 EXPLOITDB text VERIFIED
iScripts EasyBiller - Cross-Site Scripting
by Sangteamtham
CVE-2010-4983 EXPLOITDB text VERIFIED
iScripts CyberMatch 1.0 - SQL Injection
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Salvatore Fresta
EIP-2026-107947 EXPLOITDB text
Iphone Pointter Social Network - Local File Inclusion
by Sid3^effects
EIP-2026-105486 EXPLOITDB text VERIFIED
Bit Weaver 2.7 - Local File Inclusion
by John Leitch
EIP-2026-104510 EXPLOITDB text VERIFIED
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
by Marcos Garcia & Maximiliano Soler
EIP-2026-103343 EXPLOITDB text VERIFIED
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)
by Marcos Garcia & Maximiliano Soler
EIP-2026-100597 EXPLOITDB text VERIFIED
VGM Forbin - 'article.asp' SQL Injection
by Th3 RDX
EIP-2026-100441 EXPLOITDB text VERIFIED
MooreAdvice - 'productlist.asp' SQL Injection
by Th3 RDX
CVE-2010-2549 EXPLOITDB text VERIFIED
Windows Vista SP1/SP2 and Server 2008 Gold/SP2 - Use-After-Free in LockProcessByClientId
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability."
by MSRC
EIP-2026-113426 EXPLOITDB text VERIFIED
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
by John Leitch
EIP-2026-111722 EXPLOITDB text VERIFIED
ReCMS - 'users_lang' Directory Traversal
by Locu
EIP-2026-109940 EXPLOITDB text VERIFIED
NinkoBB - Cross-Site Request Forgery
by ADEO Security
EIP-2026-108325 EXPLOITDB text
Joomla! Component com_dateconverter 0.1 - SQL Injection
by RoAd_KiLlEr
CVE-2010-4980 EXPLOITDB text VERIFIED
iScripts ReserveLogic 1.0 - SQL Injection
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
by Salvatore Fresta
CVE-2010-2624 EXPLOITDB text VERIFIED
iScripts EasySnaps 2.0 - SQL Injection via Comment Parameter
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.
by Salvatore Fresta
EIP-2026-107885 EXPLOITDB text
Interscan Web Security 5.0 - Persistent Cross-Site Scripting
by Ivan Huertas
EIP-2026-107135 EXPLOITDB text VERIFIED
Flatnux 2010-06.09 - 'find' Cross-Site Scripting
by ITSecTeam
EIP-2026-106562 EXPLOITDB text VERIFIED
DPScms - 'q' SQL Injection / Cross-Site Scripting
by Ariko-Security