Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105843 EXPLOITDB text
Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)
by Erwin Krazek
EIP-2026-105639 EXPLOITDB text
Budget and Expense Tracker System 1.0 - Authenticated Bypass
by Prunier Charles-Yves
EIP-2026-104461 EXPLOITDB text
T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)
by Alperen Ergel
EIP-2026-112062 EXPLOITDB text
Simple Attendance System 1.0 - Authenticated bypass
by Abdullah Khawaja
CVE-2021-42230 EXPLOITDB CRITICAL text
Seowon 130-SLC Firmware < 2021-09-15 - Remote Code Execution via queriesCnt Parameter
Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.
by Aryan Chehreghani
CVSS 9.8
EIP-2026-112494 EXPLOITDB text
Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
by John Jefferson Li
CVE-2021-47790 EXPLOITDB HIGH text VERIFIED
Active WebCam 11.5 - Code Injection
Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative access.
by Salman Asad
CVSS 7.8
EIP-2026-109415 EXPLOITDB text
Men Salon Management System 1.0 - Multiple Vulnerabilities
by Aryan Chehreghani
EIP-2026-101686 EXPLOITDB text
ECOA Building Automation System - Weak Default Credentials
by Neurogenesia
EIP-2026-101685 EXPLOITDB text
ECOA Building Automation System - Remote Privilege Escalation
by Neurogenesia
EIP-2026-101684 EXPLOITDB text
ECOA Building Automation System - Path Traversal Arbitrary File Upload
by Neurogenesia
EIP-2026-101683 EXPLOITDB text
ECOA Building Automation System - Local File Disclosure
by Neurogenesia
EIP-2026-101682 EXPLOITDB text
ECOA Building Automation System - Directory Traversal Content Disclosure
by Neurogenesia
EIP-2026-101681 EXPLOITDB text
ECOA Building Automation System - Cookie Poisoning Authentication Bypass
by Neurogenesia
EIP-2026-101680 EXPLOITDB text
ECOA Building Automation System - Configuration Download Information Disclosure
by Neurogenesia
EIP-2026-101679 EXPLOITDB text
ECOA Building Automation System - Arbitrary File Deletion
by Neurogenesia
EIP-2026-101678 EXPLOITDB text
ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)
by Neurogenesia
EIP-2026-101261 EXPLOITDB text
ECOA Building Automation System - Hard-coded Credentials SSH Access
by Neurogenesia
EIP-2026-101123 EXPLOITDB text
ECOA Building Automation System - Missing Encryption Of Sensitive Information
by Neurogenesia
EIP-2026-105652 EXPLOITDB text VERIFIED
Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)
by Emre Aslan
EIP-2026-114106 EXPLOITDB text
WordPress Plugin TablePress 1.14 - CSV Injection
by Nikhil Kapoor
EIP-2026-114233 EXPLOITDB text
WordPress Plugin WP Sitemap Page 1.6.4 - Stored Cross-Site Scripting (XSS)
by Nikhil Kapoor
CVE-2021-47945 EXPLOITDB HIGH text
Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.
by Salman Asad
CVSS 7.8
CVE-2022-29008 EXPLOITDB MEDIUM text VERIFIED
Bus Pass Management System v1.0 - Info Disclosure
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.
by sudoninja
CVSS 6.5
CVE-2021-40903 EXPLOITDB CRITICAL text
antminer_monitor 0.50.0 - Use of Hard-coded Credentials in Flask Settings File
A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static.
by Vulnz
CVSS 9.8
By Source
All 31,386 Writeup 62,205 Exploitdb 50,076 Nomisec 22,391 Github 3,610 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,564 ruby 6,002 c 3,626 perl 2,849 html 2,075 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25