Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108659 EXPLOITDB text
Joomla! Component Gift Exchange com_giftexchange 1.0 Beta - 'pkg' SQL Injection
by Chip d3 bi0s
EIP-2026-104142 EXPLOITDB text VERIFIED
ZKSoftware 'ZK5000' - Remote Information Disclosure
by fb1h2s
EIP-2026-103958 EXPLOITDB text VERIFIED
KDE 4.4.1 - Ksysguard Remote Code Execution (via Cross Application Scripting)
by emgent
EIP-2026-101499 EXPLOITDB text
ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication
by fb1h2s
EIP-2026-100916 EXPLOITDB text VERIFIED
Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download
by n01d
EIP-2026-112999 EXPLOITDB text VERIFIED
vBulletin 4.0.2 - Search Cross-Site Scripting
by 5ubzer0
EIP-2026-111628 EXPLOITDB text VERIFIED
quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting
by Red-D3v1L
EIP-2026-111253 EXPLOITDB text VERIFIED
PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities
by Liscker
EIP-2026-111196 EXPLOITDB text VERIFIED
PHPscripte24 Preisschlacht Liveshop System - 'index.php?aid' SQL Injection
by Easy Laster
CVE-2010-1217 EXPLOITDB text VERIFIED
JE Form Creator - Unauthenticated Directory Traversal via View Parameter
Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.
by Chip d3 bi0s
EIP-2026-106457 EXPLOITDB text
DirectAdmin 1.34.4 - Multiple Cross-Site Request Forgerys
by K053
EIP-2026-103935 EXPLOITDB text VERIFIED
IBM Lotus Notes 6.5.x - 'names.nsf' Cross-Site Scripting
by Lament
EIP-2026-103934 EXPLOITDB text VERIFIED
IBM Lotus Notes 6.5.6 - 'names.nsf' Open Redirection
by Lament
CVE-2010-1269 EXPLOITDB text VERIFIED
phpscripte24 Niedrig Gebote Pro Auktions System II - SQL Injection via auktion.php id_auk Parameter
SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
by Easy Laster
EIP-2026-115105 EXPLOITDB text VERIFIED
Crimson Editor - Overwrite (SEH)
by sharpe
EIP-2026-112596 EXPLOITDB text VERIFIED
tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injections
by blake
EIP-2026-112334 EXPLOITDB text VERIFIED
SOFTSAURUS 2.01 - Multiple Remote File Inclusions
by cr4wl3r
EIP-2026-112183 EXPLOITDB text VERIFIED
SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting
by d3v1l
CVE-2010-1270 EXPLOITDB text VERIFIED
Multi Auktions Komplett System 2 - SQL Injection
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
by Easy Laster
EIP-2026-110930 EXPLOITDB text VERIFIED
phpAuthent 0.2.1 - SQL Injection
by Gamoscu
EIP-2026-110584 EXPLOITDB text VERIFIED
philboard 1.02 - SQL Injection
by ViRuS_HiMa
EIP-2026-109853 EXPLOITDB text VERIFIED
nensor CMS 2.01 - Multiple Vulnerabilities
by cr4wl3r
EIP-2026-108990 EXPLOITDB text VERIFIED
Kempt SiteDone 2.0 - '/detail.php' Cross-Site Scripting / SQL Injection
by d3v1l
EIP-2026-106431 EXPLOITDB text VERIFIED
DewNewPHPLinks 2.1.0.1 - Local File Inclusion
by ITSecTeam
EIP-2026-102498 EXPLOITDB text VERIFIED
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection
by Nahuel Grisolia
By Source
All 31,346 Writeup 60,479 Exploitdb 50,014 Nomisec 21,938 Metasploit 3,232 Github 2,886 Vulncheck_xdb 908 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,149 ruby 5,922 c 3,588 perl 2,849 html 2,054 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 99 go 64 postscript 25 xml 24