Exploitdb Exploits

31,344 exploits tracked across all sources.

EIP-2026-107469 EXPLOITDB text VERIFIED
GR Board 1.8.6 - 'page.php' Remote File Inclusion
by eidelweiss
EIP-2026-106236 EXPLOITDB text VERIFIED
Creato Script - SQL Injection
by Mr.P3rfekT
CVE-2010-2154 EXPLOITDB text VERIFIED
CMScout 2.09 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
by XroGuE
EIP-2026-104006 EXPLOITDB text
Nginx 0.6.36 - Directory Traversal
by cp77fk4r
CVE-2010-5040 EXPLOITDB text VERIFIED
Nucleus NP_Gallery <0.94 - RCE
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtained from third party information.
by AntiSecurity
CVE-2010-5033 EXPLOITDB text VERIFIED
Fusebox 5.5.1 - SQL Injection
SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter.
by Shamus
EIP-2026-113323 EXPLOITDB text VERIFIED
Webiz 2004 - Local File Upload
by kannibal615
EIP-2026-113322 EXPLOITDB text
Webiz - SQL Injection
by kannibal615
CVE-2010-2314 EXPLOITDB text
Edmondhui.homeip NP Twitter - Code Injection
PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. NOTE: some of these details are obtained from third party information.
by AntiSecurity
CVE-2010-5041 EXPLOITDB text VERIFIED
NP_Gallery 0.94 - SQL Injection
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
by AntiSecurity
EIP-2026-109468 EXPLOITDB text VERIFIED
MileHigh Creative - SQL Injection / Cross-Site Scripting / HTML Injection
by XroGuE
EIP-2026-109330 EXPLOITDB text VERIFIED
Marketing Web Design - Multiple Vulnerabilities
by XroGuE
EIP-2026-106174 EXPLOITDB text VERIFIED
Cosmos Solutions CMS - SQL Injection
by cyberlog
EIP-2026-106173 EXPLOITDB text VERIFIED
Cosmos Solutions CMS - 'id=' / 'page=' SQL Injection
by gendenk
EIP-2026-105027 EXPLOITDB text VERIFIED
Aim Web Design - Multiple Vulnerabilities
by XroGuE
CVE-2010-2147 EXPLOITDB text VERIFIED
Unisoft Com Mycar - XSS
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php.
by Valentin
EIP-2026-111712 EXPLOITDB text VERIFIED
Realtor WebSite System E-Commerce - idfestival SQL Injection
by CoBRa_21
EIP-2026-111711 EXPLOITDB text VERIFIED
Realtor Real Estate Agent - 'news.php' SQL Injection
by v3n0m
EIP-2026-111710 EXPLOITDB text VERIFIED
Realtor Real Estate Agent - 'idproperty' SQL Injection
by v3n0m
CVE-2010-2148 EXPLOITDB text VERIFIED
Unisoft Com Mycar - SQL Injection
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php.
by Valentin
EIP-2026-108709 EXPLOITDB text VERIFIED
Joomla! Component JE Poll - 'pollid' SQL Injection
by v3n0m
CVE-2010-5028 EXPLOITDB text VERIFIED
Joomla! com_jejob 1.0 - SQL Injection
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
by v3n0m
CVE-2010-5032 EXPLOITDB text VERIFIED
Joomla! com_bfquiztrial <1.3.1 - SQL Injection
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php.
by Valentin
EIP-2026-107812 EXPLOITDB text VERIFIED
ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injections
by High-Tech Bridge SA
EIP-2026-106008 EXPLOITDB text VERIFIED
CMScout 2.08 - Cross-Site Scripting
by XroGuE