Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-100416 EXPLOITDB text VERIFIED
Max Network Technology BBSMAX 4.2 - 'threadid' Cross-Site Scripting
by Liscker
EIP-2026-119108 EXPLOITDB text VERIFIED
SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray
by Alexey Sintsov
EIP-2026-117411 EXPLOITDB text VERIFIED
Lenovo Hotkey Driver 5.33 - Local Privilege Escalation
by Chilik Tamir
EIP-2026-113437 EXPLOITDB text VERIFIED
Wild CMS - SQL Injection
by Ariko-Security
EIP-2026-112855 EXPLOITDB text VERIFIED
Uebimiau Webmail 3.2.0-2.0 - Email Disclosure
by Z3r0c0re_ R4vax
EIP-2026-112682 EXPLOITDB text VERIFIED
TikiWik < 4.2 - Multiple Vulnerabilities
by Mateusz Drygas
EIP-2026-110697 EXPLOITDB text VERIFIED
PHP File Sharing System 1.5.1 - Multiple Vulnerabilities
by blake
CVE-2010-5060 EXPLOITDB text VERIFIED
NUs Newssystem <1.02 - SQL Injection
SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by n3w7u
CVE-2010-5062 EXPLOITDB text VERIFIED
MH Products kleinanzeigenmarkt - SQL Injection
SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter.
by Easy Laster
EIP-2026-108367 EXPLOITDB text VERIFIED
Joomla! Component com_hezacontent 1.0 - 'id' SQL Injection
by kaMtiEz
CVE-2010-1132 EXPLOITDB text VERIFIED
SpamAssassin Milter Plugin <0.3.1 - RCE
The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.
by kingcope
EIP-2026-100363 EXPLOITDB text VERIFIED
IBM ENOVIA SmarTeam - 'LoginPage.aspx' Cross-Site Scripting
by Lament
CVE-2010-0958 EXPLOITDB text VERIFIED
Tribisur < 2.1 - Remote File Inclusion via Theme Parameter
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information.
by cr4wl3r
EIP-2026-106611 EXPLOITDB text VERIFIED
DZ Auktionshaus 'V4.rgo' - 'id' news.php?SQL Injection
by Easy Laster
EIP-2026-105818 EXPLOITDB text VERIFIED
Chaton 1.5.2 - Local File Inclusion
by cr4wl3r
EIP-2026-100493 EXPLOITDB text VERIFIED
Pre E-Learning Portal - 'search_result.asp' SQL Injection
by NoGe
EIP-2026-100415 EXPLOITDB text VERIFIED
Max Network Technology BBSMAX 4.2 - 'post.aspx' Cross-Site Scripting
by Liscker
EIP-2026-100130 EXPLOITDB text VERIFIED
ASPCode CMS 1.5.8 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities
by Alberto Fontanella
EIP-2026-110262 EXPLOITDB text VERIFIED
OpenCart 1.3.2 - 'page' SQL Injection
by Andrés Gómez
CVE-2010-0955 EXPLOITDB text VERIFIED
Bild Flirt Community 2.0 - SQL Injection
SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
EIP-2026-118894 EXPLOITDB text VERIFIED
Microsoft Windows XP/2000 - Help File Relative Path Remote Command Execution
by Secumania
EIP-2026-115351 EXPLOITDB text VERIFIED
Google Chrome 4.0.249 - XML Denial of Service (PoC)
by Blade
CVE-2010-0953 EXPLOITDB text VERIFIED
phpCOIN 1.2.1 - Path Traversal via mod Parameter
Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
by _mlk_
EIP-2026-111015 EXPLOITDB text VERIFIED
phpCOIN 1.2.1 - 'mod' Local File Inclusion
by _mlk_
CVE-2010-0951 EXPLOITDB text VERIFIED
dev4u CMS - SQL Injection via go_target.php kontent_id Parameter
SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter.
by Easy Laster