Exploitdb Exploits

31,346 exploits tracked across all sources.

EIP-2026-109174 EXPLOITDB text VERIFIED
Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting
by d1dn0t
CVE-2010-1081 EXPLOITDB text VERIFIED
com_communitypolls < 1.5.2 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by kaMtiEz
CVE-2010-0702 EXPLOITDB text
Fonality Trixbox 2.2.4 - SQL Injection
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by NorSlacker
EIP-2026-105158 EXPLOITDB text
Amelia CMS - SQL Injection
by Ariko-Security
EIP-2026-103941 EXPLOITDB text VERIFIED
IBM Websphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection
by Sjoerd Resink
CVE-2010-0759 EXPLOITDB text VERIFIED
Core Design Scriptegrator <1.4.1 - Path Traversal
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
by S2 Crew
CVE-2010-1078 EXPLOITDB text VERIFIED
XlentProjects SphereCMS 1.1 - SQL Injection
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
by AmnPardaz Security Research Team
CVE-2010-0706 EXPLOITDB text VERIFIED
Subex Nikira Fraud Management System - Cross-Site Scripting via Login Prompt Message Parameter
Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows remote attackers to inject arbitrary web script or HTML via the message parameter.
by thebluegenius
EIP-2026-110234 EXPLOITDB text VERIFIED
Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change
by Sioma Labs
EIP-2026-109904 EXPLOITDB text VERIFIED
New-CMS 1.08 - Multiple Local File Inclusion / HTML Injection Vulnerabilities
by Alberto Fontanella
CVE-2010-0760 EXPLOITDB text VERIFIED
Core Design Scriptegrator <1.4.1 - Path Traversal
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by S2 Crew
EIP-2026-108468 EXPLOITDB text VERIFIED
Joomla! Component com_otzivi - Local File Inclusion
by AtT4CKxT3rR0r1ST
EIP-2026-106268 EXPLOITDB text VERIFIED
CubeCart - 'index.php' SQL Injection
by AtT4CKxT3rR0r1ST
CVE-2010-0703 EXPLOITDB text VERIFIED
PortWise SSL VPN 4.6 - Cross-Site Scripting via wa/auth reloadFrame Parameter
Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter.
by George Christopoulos
CVE-2008-5517 EXPLOITDB text
git < 1.5.6 - Remote Code Execution via gitweb Shell Metacharacters
The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
by S2 Crew
EIP-2026-112858 EXPLOITDB text VERIFIED
uGround 1.0b - SQL Injection
by Easy Laster
EIP-2026-111590 EXPLOITDB text VERIFIED
PunBBAnnuaire 0.4 - Blind SQL Injection
by Metropolis
EIP-2026-111075 EXPLOITDB text
PHPIDS 0.4 - Remote File Inclusion
by eidelweiss
EIP-2026-109818 EXPLOITDB text VERIFIED
Nabernet - 'articles.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-109637 EXPLOITDB text
Multiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload
by EgoPL
EIP-2026-108252 EXPLOITDB text VERIFIED
Joomla! Component com_acteammember - SQL Injection
by ALTBTA
EIP-2026-108251 EXPLOITDB text VERIFIED
Joomla! Component com_acstartseite - SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-108250 EXPLOITDB text VERIFIED
Joomla! Component com_acprojects - SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-107898 EXPLOITDB text VERIFIED
intuitive - 'form.php' SQL Injection
by AtT4CKxT3rR0r1ST
CVE-2010-0720 EXPLOITDB text VERIFIED
Erotik Auktionshaus - SQL Injection
SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster