Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-112217 EXPLOITDB text
slogan design Script - SQL Injection
by Mr.P3rfekT
CVE-2010-2315 EXPLOITDB text
SmartISoft phpBazar 2.1.1 - Remote Code Execution via Picturelib.php Cat Parameter
PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter.
by Sid3^effects
EIP-2026-110762 EXPLOITDB text
PHP SETI@home Web monitor - 'PHPsetimon' Local/Remote File Inclusion
by eidelweiss
EIP-2026-110389 EXPLOITDB text
osCSS 1.2.1 - Arbitrary File Upload
by indoushka
EIP-2026-109399 EXPLOITDB text VERIFIED
Member ID The Fish Index PHP - SQL Injection
by v4lc0m87
EIP-2026-108953 EXPLOITDB text VERIFIED
K9 Kreativity Design - 'pages.php' SQL Injection
by Newbie_Campuz
EIP-2026-108429 EXPLOITDB text
Joomla! Component com_lead - SQL Injection
by ByEge
EIP-2026-106620 EXPLOITDB text
E-book Store - Multiple Vulnerabilities
by indoushka
EIP-2026-105906 EXPLOITDB text VERIFIED
clickartweb Design - SQL Injection
by cyberlog
EIP-2026-105242 EXPLOITDB text
Article Management System 2.1.2 - Reinstall
by indoushka
EIP-2026-104999 EXPLOITDB text
Advneced Management For Services Sites - File Disclosure
by indoushka
CVE-2010-2307 EXPLOITDB text
Motorola SURFBoard SBV6120E - Directory Traversal via URL Request
Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.
by S2 Crew
EIP-2026-100861 EXPLOITDB text VERIFIED
MoinMoin 1.x - 'PageEditor.py' Cross-Site Scripting
by anonymous
EIP-2026-112968 EXPLOITDB text
Vastal I-Tech - SQL Injection
by HELLBOY
EIP-2026-112763 EXPLOITDB text VERIFIED
TPO Duyuru Scripti - Insecure Cookie Authentication Bypass
by Septemb0x
CVE-2010-2313 EXPLOITDB text VERIFIED
Anodyne Productions SIMM Management System 2.6.10 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to index.php. NOTE: some of these details are obtained from third party information.
by AntiSecurity
EIP-2026-110663 EXPLOITDB text VERIFIED
PHP City Portal 1.3 - 'cms_data.php' Cross-Site Scripting
by Red-D3v1L
EIP-2026-108525 EXPLOITDB text VERIFIED
Joomla! Component com_sar_news - 'id' SQL Injection
by LynX
EIP-2026-108238 EXPLOITDB text
Joomla! Component ChronoForms - Blind SQL Injection
by _mlk_
EIP-2026-108237 EXPLOITDB text
Joomla! Component ChronoConnectivity - Blind SQL Injection
by _mlk_
EIP-2026-107590 EXPLOITDB text
Hexjector 1.0.7.2 - Persistent Cross-Site Scripting
by hexon
EIP-2026-107589 EXPLOITDB text VERIFIED
Hexjector 1.0.7.2 - 'hexjector.php' Cross-Site Scripting
by hexon
EIP-2026-106401 EXPLOITDB text VERIFIED
Delivering Digital Media CMS - SQL Injection
by Dr.0rYX & Cr3W-DZ
EIP-2026-100590 EXPLOITDB text VERIFIED
Ticimax E-Ticaret - SQL Injection
by Neuromancer
EIP-2026-114389 EXPLOITDB text VERIFIED
WsCMS - Multiple SQL Injections
by cyberlog