Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-112318 EXPLOITDB text VERIFIED
Softbiz Jobs - 'sbad_type' Cross-Site Scripting
by pratul agrawal
EIP-2026-111646 EXPLOITDB text VERIFIED
QuickDev 4 PHP - Database Disclosure
by ViRuSMaN
CVE-2010-0722 EXPLOITDB text VERIFIED
php_auktion_pro - SQL Injection via news.php id Parameter
SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
EIP-2026-100165 EXPLOITDB text VERIFIED
bispage - Bypass
by SaMir-BonD
CVE-2010-0724 EXPLOITDB text
Arab Cart 1.0.2.0 - SQL Injection via showimg.php id Parameter
SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by indoushka
CVE-2010-0700 EXPLOITDB text VERIFIED
WampServer 2.0i - Cross-Site Scripting via Lang Parameter
Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
by Gjoko Krstic
CVE-2010-1077 EXPLOITDB text VERIFIED
Crawlability vBSEO <3.1.0 - Path Traversal
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.
by ViRuSMaN
CVE-2010-0758 EXPLOITDB text VERIFIED
Softbiz Jobs and Recruitment Script - SQL Injection via news_desc.php id Parameter
SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter.
by BAYBORA
EIP-2026-111004 EXPLOITDB text
phpBugTracker 1.0.1 - File Disclosure
by ViRuSMaN
EIP-2026-107328 EXPLOITDB text VERIFIED
Galerie Dezign-Box France - Multiple Vulnerabilities
by indoushka
EIP-2026-107327 EXPLOITDB text VERIFIED
Galerie Dezign-Box - Multiple Input Validation Vulnerabilities
by indoushka
CVE-2010-0723 EXPLOITDB text VERIFIED
Ero Auktion 2.0 and 2010 - SQL Injection via News.php ID Parameter
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
CVE-2010-0723 EXPLOITDB text VERIFIED
Ero Auktion 2.0 and 2010 - SQL Injection via News.php ID Parameter
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
EIP-2026-105241 EXPLOITDB text
Article Friendly - SQL Injection
by SkuLL-HackeR
CVE-2010-0725 EXPLOITDB text
Arab Cart 1.0.2.0 - Cross-Site Scripting via showimg.php id Parameter
Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by indoushka
EIP-2026-104894 EXPLOITDB text VERIFIED
Ac4p.com Gallery 1.0 - Multiple Vulnerabilities
by indoushka
CVE-2009-3960 EXPLOITDB MEDIUM text VERIFIED
BlazeDS < 3.2 - Information Disclosure via XML External Entity Injection
Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
by Roberto Suggi Liverani
CVSS 6.5
EIP-2026-112998 EXPLOITDB text VERIFIED
vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities
by indoushka
EIP-2026-109898 EXPLOITDB text VERIFIED
Netzbrett - Database Disclosure
by ViRuSMaN
EIP-2026-108511 EXPLOITDB text VERIFIED
Joomla! Component com_recipe - Multiple SQL Injections
by FL0RiX
EIP-2026-107126 EXPLOITDB text VERIFIED
FlatFile Login System - Remote Password Disclosure
by ViRuSMaN
CVE-2010-0698 EXPLOITDB text VERIFIED
Dynamicsoft WSC CMS 2.2 - SQL Injection
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information.
by Phenom
EIP-2026-112304 EXPLOITDB text VERIFIED
Social Web CMS 2 - 'index.php' Cross-Site Scripting
by GoLdeN-z3r0
EIP-2026-111103 EXPLOITDB text
PHPKit 1.6.1 - 'mailer.php' SQL Injection
by Easy Laster
EIP-2026-110931 EXPLOITDB text
phpAutoVideo - Cross-Site Request Forgery
by GoLdeN-z3r0
By Source
All 31,346 Writeup 60,481 Exploitdb 50,014 Nomisec 21,942 Metasploit 3,232 Github 2,946 Vulncheck_xdb 908 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,200 ruby 5,922 c 3,592 perl 2,849 html 2,055 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 100 go 64 postscript 25 xml 24