Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-112546 EXPLOITDB text
Tadbir CMS - 'FCKeditor' Arbitrary File Upload
by Pouya Daneshmand
EIP-2026-112363 EXPLOITDB text VERIFIED
Spaceacre - Multiple SQL Injections
by gendenk
CVE-2008-5088 EXPLOITDB text
PHPKB Knowledge Base Software 1.5 Professional - SQL Injection via ID Parameter
Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909.
by R3d-D3V!L
EIP-2026-107104 EXPLOITDB text VERIFIED
Fiomental & Coolsis Backoffice - Multiple Vulnerabilities
by MasterGipy
EIP-2026-107040 EXPLOITDB text VERIFIED
family connections 2.2.3 - Multiple Vulnerabilities
by Salvatore Fresta
EIP-2026-106733 EXPLOITDB text VERIFIED
EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-106651 EXPLOITDB text VERIFIED
e-webtech - 'new.asp?id=' SQL Injection
by protocol
EIP-2026-106353 EXPLOITDB text
Dark Hart Portal - 'login.php' Remote File Inclusion
by CoBRa_21
CVE-2010-2003 EXPLOITDB text VERIFIED
Advanced Poll 2.08 - Cross-Site Scripting via mysql_host Parameter
Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
by High-Tech Bridge SA
CVE-2008-1858 EXPLOITDB text VERIFIED
724Networks 724CMS <4.01 - SQL Injection
SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by cyberlog
CVE-2010-1922 EXPLOITDB text
29o3 CMS 0.1 - Remote File Inclusion via LibDir Parameter
Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the LibDir parameter to (1) lib/page/pageDescriptionObject.php, and (2) layoutHeaderFuncs.php, (3) layoutManager.php, and (4) layoutParser.php in lib/layout/.
by eidelweiss
EIP-2026-104637 EXPLOITDB text
MiniManager For Mangos/Trinity Server - Denial of Service
by XroGuE
EIP-2026-103621 EXPLOITDB text
Pargoon CMS - Denial of Service
by Pouya Daneshmand
EIP-2026-118774 EXPLOITDB text VERIFIED
Mereo 1.9.1 - Directory Traversal
by John Leitch
EIP-2026-116420 EXPLOITDB text VERIFIED
Torque Game Engine - Multiple Denial of Service Vulnerabilities
by Luigi Auriemma
CVE-2010-1918 EXPLOITDB text VERIFIED
efront < 3.6.2 - SQL Injection via chatrooms_ID Parameter
SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter.
by Stefan Esser
CVE-2010-1923 EXPLOITDB text VERIFIED
Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System - SQL Injection via id Parameter
SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System allows remote attackers to execute arbitrary SQL commands via the id parameter in a showgallery action.
by Easy Laster
EIP-2026-111195 EXPLOITDB text VERIFIED
phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection
by Easy Laster
EIP-2026-110717 EXPLOITDB text VERIFIED
PHP Link Manager 1.7 - URL Redirection
by ITSecTeam
EIP-2026-108212 EXPLOITDB text
Joomla! Component Article Factory Manager - Arbitrary File Upload
by Sid3^effects
EIP-2026-105463 EXPLOITDB text VERIFIED
big.asp - SQL Injection
by Ra3cH
EIP-2026-105354 EXPLOITDB text VERIFIED
B2B Classic Trading Script - 'offers.php' SQL Injection
by v3n0m
EIP-2026-110827 EXPLOITDB text VERIFIED
PHP-Nuke - 'friend.php' Module SQL Injection
by CMD
EIP-2026-106764 EXPLOITDB text VERIFIED
ECShop 2.7.2 - 'category.php' SQL Injection
by Liscker
CVE-2010-1457 EXPLOITDB text VERIFIED
GNUstep Base <1.20.0 - Info Disclosure
Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message.
by Dan Rosenberg