Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-110659 EXPLOITDB text VERIFIED
PHP Calendars Script - SQL Injection
by L0rd CrusAd3r
CVE-2010-2461 EXPLOITDB text VERIFIED
JCE-Tech Overstock 1 - SQL Injection via Store Parameter
SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter.
by L0rd CrusAd3r
CVE-2010-2462 EXPLOITDB text VERIFIED
OroHYIP - SQL Injection via withdraw_money.php id Parameter
SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action.
by L0rd CrusAd3r
EIP-2026-108338 EXPLOITDB text
Joomla! Component com_eportfolio - Arbitrary File Upload
by Sid3^effects
CVE-2010-5020 EXPLOITDB text VERIFIED
NetArt Media iBoutique 4.0 - SQL Injection
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by L0rd CrusAd3r
EIP-2026-112864 EXPLOITDB text VERIFIED
UK One Media CMS - 'id' Error-Based SQL Injection
by LiquidWorm
EIP-2026-112278 EXPLOITDB text VERIFIED
SnowCade 3.0 - SQL Injection
by ahwak2000
CVE-2010-2464 EXPLOITDB text VERIFIED
RSComments (com_rscomments) 1.0.0 Rev 2 - Cross-Site Scripting via Website and Name Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
by jdc
CVE-2010-5014 EXPLOITDB text VERIFIED
Elite Gaming Ladders 3.5 - SQL Injection
SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.
by ahwak2000
EIP-2026-112028 EXPLOITDB text VERIFIED
Shopping Cart Script with Affiliate Program - SQL Injection
by L0rd CrusAd3r
EIP-2026-109331 EXPLOITDB text
MarketSaz - Arbitrary File Upload
by NetQurd
EIP-2026-109051 EXPLOITDB text VERIFIED
KubeSupport - 'lang' SQL Injection
by L0rd CrusAd3r
EIP-2026-109049 EXPLOITDB text VERIFIED
KubeLance 1.7.6 - 'profile.php' SQL Injection
by L0rd CrusAd3r
EIP-2026-108821 EXPLOITDB text
Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities
by jdc
EIP-2026-108658 EXPLOITDB text VERIFIED
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion
by jdc
EIP-2026-108432 EXPLOITDB text
Joomla! Component com_listbingo 1.3 - Multiple Vulnerabilities
by jdc
EIP-2026-108408 EXPLOITDB text
Joomla! Component com_joomdocs - Cross-Site Scripting
by Sid3^effects
EIP-2026-108205 EXPLOITDB text
Joomla! Component Answers 2.3beta - Multiple Vulnerabilities
by jdc
CVE-2010-4981 EXPLOITDB text VERIFIED
YourFreeWorld Banner Management - SQL Injection
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
by L0rd CrusAd3r
CVE-2010-1622 EXPLOITDB text VERIFIED
Oracle Fusion Middleware < 2.5.7 - Code Injection
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
by Meder Kydyraliev
EIP-2026-115050 EXPLOITDB text VERIFIED
Chrome Engine 4 - Denial of Service
by Luigi Auriemma
EIP-2026-111320 EXPLOITDB text
Planet 1.1 - Cross-Site Request Forgery (Add Admin)
by G0D-F4Th3r
EIP-2026-111285 EXPLOITDB text
Pithcms 0.9.5 - Local File Inclusion
by sh00t0ut
EIP-2026-110885 EXPLOITDB text
PHP-Nuke Module print 6.0 - 'print&sid' SQL Injection
by Gamoscu
EIP-2026-110546 EXPLOITDB text
PenPals - Authentication Bypass
by L0rd CrusAd3r