Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108547 EXPLOITDB text VERIFIED
Joomla! Component com_solution - SQL Injection
by DevilZ TM
EIP-2026-104860 EXPLOITDB text VERIFIED
68KB - Multiple Remote File Inclusions
by ITSecTeam
EIP-2026-111422 EXPLOITDB text VERIFIED
post Card - 'catid' SQL Injection
by Hussin X
EIP-2026-109088 EXPLOITDB text VERIFIED
leaftec CMS - Multiple Vulnerabilities
by Valentin
CVE-2010-1265 EXPLOITDB text VERIFIED
Adam Corley dcsFlashGames - SQL Injection
SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
by kaMtiEz
EIP-2026-107155 EXPLOITDB text
Flirt Matching Sms System - SQL Injection
by Easy Laster
EIP-2026-106337 EXPLOITDB text
DaFun Spirit 2.2.5 - Multiple Remote File Inclusions
by 2010-03-26
EIP-2026-106317 EXPLOITDB text
CyberCMS - SQL Injection
by hc0de
EIP-2026-106011 EXPLOITDB text VERIFIED
CmsFaethon 2.2.0 (ultimate.7z) - Multiple Vulnerabilities
by eidelweiss
EIP-2026-105616 EXPLOITDB text
BPTutors Tutoring site script - Cross-Site Request Forgery (Add Admin)
by bi0
CVE-2010-1176 EXPLOITDB text VERIFIED
Safari on Apple iPhone OS 3.1.3 for iPod touch - DoS
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075.
by Nishant Das Patnaik
CVE-2010-1179 EXPLOITDB text VERIFIED
Safari on iPhone OS 3.1.3 - Denial of Service or Remote Code Execution via VML recolorinfo numcolors Attribute
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024.
by Nishant Das Patnaik
EIP-2026-119107 EXPLOITDB text VERIFIED
SAP GUI 7.00 - BExGlobal Active-X unsecure method
by Alexey Sintsov
EIP-2026-113355 EXPLOITDB text VERIFIED
WebsiteBaker 2.8.1 - DataBase Backup Disclosure
by Tr0y-x
CVE-2010-1268 EXPLOITDB text VERIFIED
justVisual CMS 2.0 - Path Traversal
Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.
by eidelweiss
CVE-2010-1336 EXPLOITDB text VERIFIED
INVOhost 3.4 - SQL Injection via site.php id/newlanguage Parameters
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information.
by Andrés Gómez
EIP-2026-107881 EXPLOITDB text
Interactivefx.ie CMS - SQL Injection
by Inj3ct0r
CVE-2010-1342 EXPLOITDB text VERIFIED
Direct News 4.10.2 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to (1) admin/menu.php and (2) library/lib.menu.php; and the adminroot parameter to (3) admin/media/update_content.php and (4) library/class.backup.php. NOTE: some of these details are obtained from third party information.
by mat
EIP-2026-103954 EXPLOITDB text VERIFIED
Jenkins Software RakNet 3.72 - Remote Integer Underflow
by Luigi Auriemma
CVE-2010-0619 EXPLOITDB text VERIFIED
Lexmark x94x - Stack-based Buffer Overflow via PJL INQUIRE Command
Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service (device hang) via a long argument to a PJL INQUIRE command.
by Francis Provencher
EIP-2026-113018 EXPLOITDB text VERIFIED
vBulletin Blog 4.0.2 - Title Cross-Site Scripting
by FormatXformat
EIP-2026-109902 EXPLOITDB text VERIFIED
New-CMS - Local File Inclusion
by Xash
EIP-2026-108590 EXPLOITDB text VERIFIED
Joomla! Component com_wallpapers - SQL Injection
by DevilZ TM
EIP-2026-108574 EXPLOITDB text VERIFIED
Joomla! Component com_universal - Remote File Inclusion
by eidelweiss
EIP-2026-108546 EXPLOITDB text VERIFIED
Joomla! Component com_software - SQL Injection
by DevilZ TM