Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107496 EXPLOITDB text VERIFIED
Greeting card 1.1 - SQL Injection
by Net.Edit0r
CVE-2010-5287 EXPLOITDB text VERIFIED
Cornerstone Technologies webConductor - SQL Injection
SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Th3 RDX
EIP-2026-105893 EXPLOITDB text VERIFIED
Classifieds Script - 'rate' SQL Injection
by L0rd CrusAd3r
EIP-2026-105121 EXPLOITDB text VERIFIED
Alpin CMS - 'e4700.asp?id' SQL Injection
by CoBRa_21
CVE-2010-1199 EXPLOITDB text VERIFIED
Firefox 3.5.x-3.5.9 and 3.6.x-3.6.3 - Remote Code Execution via XSLT Node Sorting Integer Overflow
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
by Martin Barbella
EIP-2026-100627 EXPLOITDB text VERIFIED
webConductor - 'default.asp' SQL Injection
by Th3 RDX
CVE-2010-2688 EXPLOITDB text VERIFIED
Site2Nite Boat Classifieds - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by Sangteamtham
EIP-2026-116391 EXPLOITDB text VERIFIED
TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities
by Luigi Auriemma
EIP-2026-116373 EXPLOITDB text VERIFIED
Sysax Multi Server < 5.25 (SFTP Module) - Multiple Denial of Service Vulnerabilities
by leinakesi
EIP-2026-112041 EXPLOITDB text VERIFIED
Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-111869 EXPLOITDB text VERIFIED
SaffaTunes CMS - 'news.php' Multiple SQL Injections
by Th3 RDX
EIP-2026-111868 EXPLOITDB text VERIFIED
Saffa Tunes CMS - 'news.php' SQL Injection
by Th3 RDX
EIP-2026-109810 EXPLOITDB text VERIFIED
myUPB 2.2.6 - Multiple Vulnerabilities
by ALTBTA
CVE-2010-2456 EXPLOITDB text
linker_img < 1.0 - Path Traversal via cook_lan Cookie Parameter
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
by Sn!pEr.S!Te Hacker
EIP-2026-108733 EXPLOITDB text
Joomla! Component JomSocial 1.6.288 - Multiple Cross-Site Scripting Vulnerabilities
by jdc
EIP-2026-108406 EXPLOITDB text VERIFIED
Joomla! Component com_jomestate - Remote File Inclusion
by Sid3^effects
EIP-2026-108313 EXPLOITDB text
Joomla! Component com_community - Persistent Cross-Site Scripting
by Sid3^effects
CVE-2010-2463 EXPLOITDB text VERIFIED
Jamroom < 4.1.9 - Cross-Site Scripting via Forum Post ID Parameter
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.
by High-Tech Bridge SA
CVE-2010-2438 EXPLOITDB text VERIFIED
laubrotel g.cms_generator - SQL Injection via Lang Parameter
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
by Sid3^effects
EIP-2026-105122 EXPLOITDB text VERIFIED
Alpin CMS 1.0 - SQL Injection
by Th3 RDX
EIP-2026-104402 EXPLOITDB text VERIFIED
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
by Pouya Daneshmand
CVE-2010-2433 EXPLOITDB text VERIFIED
IBM WebSphere ILOG JRules 6.7 - Cross-Site Scripting via RTS URL to explore.jsp, compose.jsp, or home.jsp
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.
by IBM
EIP-2026-118650 EXPLOITDB text VERIFIED
HTTP 1.1 - GET Directory Traversal
by chr1x
EIP-2026-112146 EXPLOITDB text VERIFIED
SimpleAssets - Authentication Bypass / Cross-Site Scripting
by L0rd CrusAd3r
CVE-2010-2460 EXPLOITDB text VERIFIED
JCE-Tech Shareasale Script 1 - SQL Injection via merchant_id Parameter
SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter.
by L0rd CrusAd3r