Exploitdb Exploits

31,344 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-111195 EXPLOITDB text VERIFIED
phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection
by Easy Laster
EIP-2026-110717 EXPLOITDB text VERIFIED
PHP Link Manager 1.7 - URL Redirection
by ITSecTeam
EIP-2026-108212 EXPLOITDB text
Joomla! Component Article Factory Manager - Arbitrary File Upload
by Sid3^effects
EIP-2026-105463 EXPLOITDB text VERIFIED
big.asp - SQL Injection
by Ra3cH
EIP-2026-105354 EXPLOITDB text VERIFIED
B2B Classic Trading Script - 'offers.php' SQL Injection
by v3n0m
EIP-2026-110827 EXPLOITDB text VERIFIED
PHP-Nuke - 'friend.php' Module SQL Injection
by CMD
EIP-2026-106764 EXPLOITDB text VERIFIED
ECShop 2.7.2 - 'category.php' SQL Injection
by Liscker
CVE-2010-1457 EXPLOITDB text VERIFIED
GNUstep Base <1.20.0 - Info Disclosure
Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message.
by Dan Rosenberg
EIP-2026-101196 EXPLOITDB text VERIFIED
Cisco Application Control Engine (ACE) - HTTP Parsing Security
by Alexis Tremblay
CVE-2010-1905 EXPLOITDB text VERIFIED
Consona Live Assistance - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote attackers to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to sdccommon/verify/asp/n6plugindestructor.asp.
by Ruben Santamarta
EIP-2026-100110 EXPLOITDB text VERIFIED
ArticleLive (Interspire Website Publisher) - SQL Injection
by Ra3cH
EIP-2026-100081 EXPLOITDB text VERIFIED
Administrador de Contenidos - Admin Authentication Bypass
by Ra3cH
EIP-2026-119299 EXPLOITDB text VERIFIED
X-Motor Racing 1.26 - Remote Buffer Overflow / Multiple Denial of Service Vulnerabilities
by Luigi Auriemma
EIP-2026-113342 EXPLOITDB text VERIFIED
WeBProdZ CMS - SQL Injection
by MasterGipy
EIP-2026-107389 EXPLOITDB text VERIFIED
Getsimple CMS 2.01 - Local File Inclusion
by Batch
EIP-2026-107032 EXPLOITDB text
Factux - Local File Inclusion
by ALTBTA
CVE-2010-1859 EXPLOITDB text VERIFIED
Deluxebb < 1.3 - SQL Injection
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread.
by Stefan Esser
EIP-2026-105325 EXPLOITDB text VERIFIED
AV Arcade - 'Search' Cross-Site Scripting / HTML Injection
by Vadim Toptunov
EIP-2026-103189 EXPLOITDB text VERIFIED
PCRE 6.2 - Regular Expression Compiling Workspace Buffer Overflow
by Michael Santos
EIP-2026-100787 EXPLOITDB text VERIFIED
Digital Factory Publique! 2.3 - 'sid' SQL Injection
by Christophe de la Fuente
EIP-2026-118768 EXPLOITDB text VERIFIED
MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure
by kingcope
EIP-2026-113629 EXPLOITDB text VERIFIED
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting
by MustLive
EIP-2026-112218 EXPLOITDB text
Slooze PHP Web Photo Album 0.2.7 - Command Execution
by Sn!pEr.S!Te Hacker
EIP-2026-110836 EXPLOITDB text
PHP-Nuke 5.0 - Viewslink SQL Injection
by CMD
EIP-2026-104499 EXPLOITDB text VERIFIED
WordPress Plugin TYPO3 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
by MustLive
By Source
All 31,344 Writeup 60,430 Exploitdb 50,009 Nomisec 21,927 Metasploit 3,232 Github 2,784 Vulncheck_xdb 908 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,344 python 6,057 ruby 5,921 c 3,585 perl 2,849 html 2,054 php 1,327 bash 460 java 364 c++ 251 javascript 220 shell 98 go 64 postscript 25 xml 24