Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114556 EXPLOITDB text VERIFIED
YUI Images Script - Arbitrary File Upload
by Mr.P3rfekT
EIP-2026-111128 EXPLOITDB text VERIFIED
PhpMesFilms 1.8 - SQL Injection
by indoushka
EIP-2026-110327 EXPLOITDB text VERIFIED
Opentel Openmairie tel 1.02 - Local File Inclusion
by cr4wl3r
EIP-2026-109980 EXPLOITDB text VERIFIED
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities
by eidelweiss
EIP-2026-109631 EXPLOITDB text VERIFIED
Multi-Mirror - Arbitrary File Upload
by indoushka
EIP-2026-109599 EXPLOITDB text
Mp3 Online Id Tag Editor - Remote File Inclusion
by indoushka
EIP-2026-109466 EXPLOITDB text VERIFIED
Mihalism Multi Host 4.0.0 - Arbitrary File Upload
by indoushka
EIP-2026-109243 EXPLOITDB text VERIFIED
Magic Uploader Mini - Arbitrary File Upload
by indoushka
CVE-2010-1461 EXPLOITDB text VERIFIED
Joomla! com_photobattle 1.0.1 - Path Traversal
Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.
by AntiSecurity
CVE-2010-1719 EXPLOITDB text VERIFIED
com_mtfireeagle 1.2 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-1600 EXPLOITDB text VERIFIED
Media Mall Factory (com_mediamall) 1.0.4 - SQL Injection via Category Parameter
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
by AntiSecurity
CVE-2010-1957 EXPLOITDB text VERIFIED
com_lovefactory 1.3.4 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-1601 EXPLOITDB text VERIFIED
JA Comment (com_jacomment) - Path Traversal via View Parameter
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
by AntiSecurity
CVE-2010-1955 EXPLOITDB text VERIFIED
Deluxe Blog Factory (com_blogfactory) 1.1.2 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
EIP-2026-108620 EXPLOITDB text
Joomla! Component Delicious Bookmarks 0.0.1 - Local File Inclusion
by AntiSecurity
EIP-2026-108592 EXPLOITDB text VERIFIED
Joomla! Component com_wgpicasa - Local File Inclusion
by AntiSecurity
EIP-2026-108524 EXPLOITDB text VERIFIED
Joomla! Component com_s5clanroster - Local File Inclusion
by AntiSecurity
CVE-2010-1952 EXPLOITDB text VERIFIED
cmstactics com_beeheard and com_beeheardlite 1.0 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
CVE-2010-5055 EXPLOITDB text VERIFIED
Almnzm 2.1 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by NeX HaCkEr
EIP-2026-102533 EXPLOITDB text
RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections
by wsn1983
EIP-2026-100540 EXPLOITDB text VERIFIED
School Management System Pro 6.0.0 - Backup Dump
by indoushka
CVE-2010-1466 EXPLOITDB text VERIFIED
openUrgence Vaccin 1.03 - Path Traversal
Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter.
by cr4wl3r
CVE-2010-1724 EXPLOITDB text VERIFIED
Zikula Application Framework 1.2.2 - Cross-Site Scripting via Func or Lang Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not properly handled by ZLanguage.php.
by High-Tech Bridge SA
CVE-2010-1724 EXPLOITDB text VERIFIED
Zikula Application Framework 1.2.2 - Cross-Site Scripting via Func or Lang Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not properly handled by ZLanguage.php.
by High-Tech Bridge SA
EIP-2026-112953 EXPLOITDB text VERIFIED
Vana CMS - 'Filename' Arbitrary File Download
by Pouya Daneshmand