Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116343 EXPLOITDB text VERIFIED
SumatraPDF 1.1 - Denial of Service (PoC)
by Matthew Bergin
CVE-2010-2089 EXPLOITDB text VERIFIED
Python 2.5.0-2.5.5 - Out-of-bounds Write in audioop Module
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
by haypo
CVE-2010-4971 EXPLOITDB text VERIFIED
VideoWhisper PHP 2 Way Video Chat - Cross-Site Scripting via r Parameter
Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php.
by Sid3^effects
EIP-2026-109543 EXPLOITDB text VERIFIED
MODx 1.0.3 - 'index.php' Multiple SQL Injections
by High-Tech Bridge SA
EIP-2026-109404 EXPLOITDB text VERIFIED
Membership Site Script - SQL Injection
by Valentin
EIP-2026-109230 EXPLOITDB text VERIFIED
Lyrics Script - SQL Injection / Cross-Site Scripting
by Valentin
EIP-2026-108123 EXPLOITDB text VERIFIED
Joke Website Script - SQL Injection / Cross-Site Scripting
by Valentin
EIP-2026-106621 EXPLOITDB text VERIFIED
E-Book Store - SQL Injection
by Valentin
EIP-2026-106343 EXPLOITDB text VERIFIED
Daily Inspirational Quotes Script - SQL Injection
by Valentin
CVE-2010-2631 EXPLOITDB text VERIFIED
LibTIFF 3.9.0 - Denial of Service via Crafted TIFF File
LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
by Tom Lane
EIP-2026-101485 EXPLOITDB text VERIFIED
Trend Micro Interscan Web Security Virtual Appliance - Multiple Vulnerabilities
by Ivan Huertas
CVE-2010-5007 EXPLOITDB text VERIFIED
UTStats Beta 4 and earlier - Cross-Site Scripting via mid Parameter
Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter.
by LuM Member
CVE-2010-2334 EXPLOITDB text VERIFIED
Yamamah Photo Gallery 1.00 - Path Traversal via Download Parameter
Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter.
by mat
CVE-2010-1300 EXPLOITDB text VERIFIED
Yamamah (Dove Photo Album) 1.00 - SQL Injection
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter.
by CoBRa_21
CVE-2010-5009 EXPLOITDB text VERIFIED
UTStats Beta 4 and earlier - SQL Injection via pid Parameter in matchp Action
SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action.
by LuM Member
EIP-2026-111470 EXPLOITDB text
Pre Classified Listing - SQL Injection
by L0rd CrusAd3r
EIP-2026-111184 EXPLOITDB text
PHPplanner PHP Planner 0.4 - Multiple Vulnerabilities
by cp77fk4r
EIP-2026-106985 EXPLOITDB text VERIFIED
Eyeland Studio Inc. - SQL Injection
by Mr.P3rfekT
EIP-2026-106984 EXPLOITDB text VERIFIED
Eyeland Studio Inc. - 'game.php' SQL Injection
by CoBRa_21
EIP-2026-100522 EXPLOITDB text VERIFIED
Real-time ASP Calendar - SQL Injection
by L0rd CrusAd3r
CVE-2010-5021 EXPLOITDB text VERIFIED
Digital Interchange Document Library <5.8.5 - SQL Injection
SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter.
by L0rd CrusAd3r
CVE-2010-5023 EXPLOITDB text VERIFIED
Digital Interchange Calendar <5.8.5 - SQL Injection
SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter.
by L0rd CrusAd3r
CVE-2010-2335 EXPLOITDB text
Yamamah Photo Gallery 1.00 - SQL Injection via News Parameter
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
by anT!-Tr0J4n
CVE-2010-1300 EXPLOITDB text VERIFIED
Yamamah (Dove Photo Album) 1.00 - SQL Injection
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter.
by TheMaStEr
CVE-2010-2336 EXPLOITDB text
Yamamah Photo Gallery 1.00 - Unauthenticated Source Code Disclosure via Download Parameter
index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter.
by anT!-Tr0J4n