Exploitdb Exploits

31,344 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-1743 EXPLOITDB text VERIFIED
Satyadeep Scratcher - SQL Injection
SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter.
by cr4wl3r
CVE-2010-2853 EXPLOITDB text VERIFIED
iScripts VisualCaster - SQL Injection
SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter.
by Sid3^effects
EIP-2026-106613 EXPLOITDB text
DZCP (deV!L_z Clanportal) 1.5.3 - Multiple Vulnerabilities
by indoushka
CVE-2009-1362 EXPLOITDB text VERIFIED
Chcounter - SQL Injection
SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Valentin
EIP-2026-105246 EXPLOITDB text VERIFIED
Articles Directory - Authentication Bypass
by Sid3^effects
EIP-2026-113051 EXPLOITDB text VERIFIED
velBox 1.2 - Insecure Cookie Authentication Bypass
by indoushka
EIP-2026-112588 EXPLOITDB text VERIFIED
Tele Data's Contact Management Server 0.9 - 'Username' SQL Injection
by John Leitch
CVE-2005-3817 EXPLOITDB text VERIFIED
Softbiz Web Hosting Directory Script < 1.1 - SQL Injection
Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module.
by 41.w4r10r
CVE-2006-3271 EXPLOITDB text VERIFIED
Softbiz Dating 1.0 - SQL Injection
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) index.php, and (e) news_desc.php.
by 41.w4r10r
EIP-2026-111331 EXPLOITDB text VERIFIED
Pligg CMS 1.0.4 - 'story.php' SQL Injection
by Don Tukulesto
CVE-2010-1701 EXPLOITDB text VERIFIED
Rocky.nu Php Video Battle Script - SQL Injection
SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter.
by v3n0m
CVE-2010-1705 EXPLOITDB text VERIFIED
Rocky.nu Modelbook - SQL Injection
SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter.
by v3n0m
EIP-2026-108898 EXPLOITDB text VERIFIED
Joomla! Component Wap4Joomla! - 'wapmain.php' SQL Injection
by Manas58
EIP-2026-108394 EXPLOITDB text VERIFIED
Joomla! Component com_jesectionfinder - Arbitrary File Upload
by Sid3^effects
EIP-2026-107378 EXPLOITDB text VERIFIED
GeneShop 5.1.1 - SQL Injection
by 41.w4r10r
EIP-2026-103844 EXPLOITDB text VERIFIED
Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting
by arun kethipelly
CVE-2010-1661 EXPLOITDB text
Jcink Php-quick-arcade - SQL Injection
Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php.
by ITSecTeam
EIP-2026-118984 EXPLOITDB text VERIFIED
OneHTTPD 0.6 - Directory Traversal
by John Leitch
EIP-2026-112239 EXPLOITDB text VERIFIED
SmartBlog 1.3 - SQL Injection / Cross-Site Scripting
by indoushka
EIP-2026-111671 EXPLOITDB text VERIFIED
Ramaas Software CMS - SQL Injection
by 41.w4r10r
EIP-2026-111513 EXPLOITDB text VERIFIED
ProArcadeScript - 'search.php' Cross-Site Scripting
by Sid3^effects
CVE-2010-1662 EXPLOITDB text
Jcink Php-quick-arcade - XSS
Cross-site scripting (XSS) vulnerability in acpmoderate.php in PHP-Quick-Arcade (PHPQA) 3.0.21 allows remote attackers to inject arbitrary web script or HTML via the serv parameter.
by ITSecTeam
CVE-2010-1659 EXPLOITDB text VERIFIED
Webkul Com Ultimateportfolio - Path Traversal
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-1657 EXPLOITDB text VERIFIED
Recly Com Smartsite - Path Traversal
Directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-1658 EXPLOITDB text VERIFIED
Code-garage Com Noticeboard - Path Traversal
Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
By Source
All 31,344 Writeup 60,470 Exploitdb 50,009 Nomisec 21,927 Metasploit 3,232 Github 2,872 Vulncheck_xdb 908 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,344 python 6,139 ruby 5,921 c 3,586 perl 2,849 html 2,054 php 1,327 bash 460 java 364 c++ 251 javascript 220 shell 98 go 64 postscript 25 xml 24