Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-1493 EXPLOITDB text VERIFIED
com_awdwall < 1.5.4 - SQL Injection via cbuser Parameter
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php.
by AntiSecurity
EIP-2026-109047 EXPLOITDB text
Kubeit CMS - SQL Injection
by Phenom
EIP-2026-108842 EXPLOITDB text VERIFIED
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)
by AntiSecurity
EIP-2026-108591 EXPLOITDB text VERIFIED
Joomla! Component com_webeecomment 2.0 - Local File Inclusion
by AntiSecurity
EIP-2026-108269 EXPLOITDB text
Joomla! Component com_articles - SQL Injection
by pratul agrawal
CVE-2010-1494 EXPLOITDB text VERIFIED
Joomla! com_awdwall 1.5.4 - Path Traversal
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by AntiSecurity
EIP-2026-104107 EXPLOITDB text VERIFIED
Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities
by cp77fk4r
EIP-2026-103986 EXPLOITDB text VERIFIED
miniature java Web server 1.71 - Multiple Vulnerabilities
by cp77fk4r
CVE-2009-2754 EXPLOITDB text VERIFIED
IBM Informix Dynamic Server <11.10.TC3 - RCE
Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.
by ZSploit.com
EIP-2026-103230 EXPLOITDB text VERIFIED
TCPDF 4.5.036/4.9.5 - 'params' Attribute Remote Code Execution
by apoc
EIP-2026-111444 EXPLOITDB text VERIFIED
PotatoNews 1.0.2 - 'nid' Multiple Local File Inclusions
by mat
EIP-2026-111366 EXPLOITDB text VERIFIED
Plume CMS 1.2.4 - Multiple Local File Inclusions
by eidelweiss
CVE-2010-1354 EXPLOITDB text VERIFIED
Joomla! VJDEO <1.0.1 - Path Traversal
Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
by Angela Zhang
EIP-2026-108217 EXPLOITDB text VERIFIED
Joomla! Component aWiki - Local File Inclusion
by Angela Zhang
EIP-2026-107975 EXPLOITDB text
Istgah for Centerhost - Multiple Vulnerabilities
by indoushka
EIP-2026-107974 EXPLOITDB text VERIFIED
Istgah For Centerhost - 'view_ad.php' Cross-Site Scripting
by indoushka
EIP-2026-107213 EXPLOITDB text
Free Image & File Hosting - Arbitrary File Upload
by indoushka
EIP-2026-103780 EXPLOITDB text VERIFIED
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
by Rh0
EIP-2026-100311 EXPLOITDB text VERIFIED
Espinas CMS - SQL Injection
by Pouya Daneshmand
EIP-2026-115592 EXPLOITDB text VERIFIED
McAfee Email Gateway < 6.7.2 Hotfix 2 - Multiple Vulnerabilities
by Nahuel Grisolia
EIP-2026-115496 EXPLOITDB text VERIFIED
Juke 4.0.2 - Denial of Service Multiple Files
by anonymous
EIP-2026-115280 EXPLOITDB text VERIFIED
Foxit Reader 3.2.1.0401 - Denial of Service
by juza
CVE-2010-1186 EXPLOITDB text VERIFIED
NextGEN Gallery < 1.5.2 - Cross-Site Scripting via mode Parameter
Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
by Alejandro Rodriguez
EIP-2026-112031 EXPLOITDB text VERIFIED
ShopSystem - SQL Injection
by Valentin
CVE-2010-5053 EXPLOITDB text VERIFIED
com_xobbix 1.0.1 - SQL Injection via prodid Parameter
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php.
by AntiSecurity