Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-2142 EXPLOITDB text VERIFIED
Cyberhost - SQL Injection via default.asp id Parameter
SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary SQL commands via the id parameter.
by redst0rm
EIP-2026-100151 EXPLOITDB text
Asset Manager - Arbitrary File Upload
by Ra3cH
EIP-2026-119340 EXPLOITDB text VERIFIED
3Com* iMC (Intelligent Management Center) - Traversal File Retrieval
by Richard Brain
EIP-2026-119339 EXPLOITDB text VERIFIED
3Com* iMC (Intelligent Management Center) - Cross-Site Scripting / Information Disclosure Flaws
by Richard Brain
EIP-2026-114715 EXPLOITDB text VERIFIED
Sun Solaris 10 - Nested Directory Tree Local Denial of Service
by Maksymilian Arciemowicz
EIP-2026-114714 EXPLOITDB text VERIFIED
Sun Solaris 10 - 'in.ftpd' Long Command Handling Security
by Maksymilian Arciemowicz
EIP-2026-112371 EXPLOITDB text VERIFIED
Specialized Data Systems Parent Connect 2010.04.11 - Multiple SQL Injections
by epixoip
EIP-2026-110240 EXPLOITDB text VERIFIED
Open-AudIT - Multiple Vulnerabilities
by Sébastien Duquette
EIP-2026-110200 EXPLOITDB text VERIFIED
Online University - Authentication Bypass
by cr4wl3r
EIP-2026-110125 EXPLOITDB text VERIFIED
Online Job Board - Authentication Bypass
by cr4wl3r
CVE-2010-2127 EXPLOITDB text
jv2_folder_gallery 3.1 - Remote Code Execution via lang_file Parameter
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter.
by Sn!pEr.S!Te Hacker
CVE-2010-2124 EXPLOITDB text VERIFIED
ConPresso 4.0.7 - SQL Injection via Firma.php ID Parameter
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Gamoscu
CVE-2010-2103 EXPLOITDB text
Apache Axis2 1.4.1-1.5.1 - Cross-Site Scripting via Modules Parameter
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
by Richard Brain
EIP-2026-118384 EXPLOITDB text
ComponentOne VSFlexGrid 7/8 - 'Archive()' method Remote Buffer Overflow
by Ma3sTr0-Dz
EIP-2026-113386 EXPLOITDB text
webYourPhotos 6.05 - 'index.php' Remote File Inclusion
by Sn!pEr.S!Te Hacker
CVE-2010-2126 EXPLOITDB text VERIFIED
Snipe Gallery 3.1.5 - Remote Code Execution via cfg_admin_path Parameter
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/index.php, (7) admin/gallery/view.php, (8) admin/gallery/gallery.php, (9) admin/gallery/image.php, and (10) admin/gallery/crop.php.
by Sn!pEr.S!Te Hacker
CVE-2010-2126 EXPLOITDB text VERIFIED
Snipe Gallery 3.1.5 - Remote Code Execution via cfg_admin_path Parameter
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/index.php, (7) admin/gallery/view.php, (8) admin/gallery/gallery.php, (9) admin/gallery/image.php, and (10) admin/gallery/crop.php.
by Sn!pEr.S!Te Hacker
EIP-2026-111446 EXPLOITDB text VERIFIED
Powder Blue Design - SQL Injection
by cyberlog
EIP-2026-109970 EXPLOITDB text VERIFIED
NPDS REvolution 10.02 - 'admin.php' Cross-Site Request Forgery
by High-Tech Bridge SA
EIP-2026-109167 EXPLOITDB text VERIFIED
Lisk CMS 4.4 - 'id' Multiple Cross-Site Scripting / SQL Injections
by High-Tech Bridge SA
EIP-2026-106377 EXPLOITDB text VERIFIED
DB[CMS] - 'article.php' SQL Injection
by blackraptor
EIP-2026-101487 EXPLOITDB text VERIFIED
U.S.Robotics USR5463 0.06 Firmware - 'setup_ddns.exe' HTML Injection
by SH4V
EIP-2026-100572 EXPLOITDB text VERIFIED
Spaw Editor 1.0/2.0 - Arbitrary File Upload
by Ma3sTr0-Dz
EIP-2026-100525 EXPLOITDB text VERIFIED
Renista CMS - SQL Injection
by Amir Afghanian
EIP-2026-118762 EXPLOITDB text VERIFIED
McAfee Email Gateway 6.7.1 - 'systemWebAdminConfig.do' Remote Security Bypass
by Nahuel Grisolia