Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107327 EXPLOITDB text VERIFIED
Galerie Dezign-Box - Multiple Input Validation Vulnerabilities
by indoushka
CVE-2010-0723 EXPLOITDB text VERIFIED
Ero Auktion 2.0 and 2010 - SQL Injection via News.php ID Parameter
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
CVE-2010-0723 EXPLOITDB text VERIFIED
Ero Auktion 2.0 and 2010 - SQL Injection via News.php ID Parameter
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Easy Laster
EIP-2026-105241 EXPLOITDB text
Article Friendly - SQL Injection
by SkuLL-HackeR
CVE-2010-0725 EXPLOITDB text
Arab Cart 1.0.2.0 - Cross-Site Scripting via showimg.php id Parameter
Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by indoushka
EIP-2026-104894 EXPLOITDB text VERIFIED
Ac4p.com Gallery 1.0 - Multiple Vulnerabilities
by indoushka
CVE-2009-3960 EXPLOITDB MEDIUM text VERIFIED
BlazeDS < 3.2 - Information Disclosure via XML External Entity Injection
Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
by Roberto Suggi Liverani
CVSS 6.5
EIP-2026-112998 EXPLOITDB text VERIFIED
vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities
by indoushka
EIP-2026-109898 EXPLOITDB text VERIFIED
Netzbrett - Database Disclosure
by ViRuSMaN
EIP-2026-108511 EXPLOITDB text VERIFIED
Joomla! Component com_recipe - Multiple SQL Injections
by FL0RiX
EIP-2026-107126 EXPLOITDB text VERIFIED
FlatFile Login System - Remote Password Disclosure
by ViRuSMaN
CVE-2010-0698 EXPLOITDB text VERIFIED
Dynamicsoft WSC CMS 2.2 - SQL Injection
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information.
by Phenom
EIP-2026-112304 EXPLOITDB text VERIFIED
Social Web CMS 2 - 'index.php' Cross-Site Scripting
by GoLdeN-z3r0
EIP-2026-111103 EXPLOITDB text
PHPKit 1.6.1 - 'mailer.php' SQL Injection
by Easy Laster
EIP-2026-110931 EXPLOITDB text
phpAutoVideo - Cross-Site Request Forgery
by GoLdeN-z3r0
EIP-2026-109174 EXPLOITDB text VERIFIED
Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting
by d1dn0t
CVE-2010-1081 EXPLOITDB text VERIFIED
com_communitypolls < 1.5.2 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
by kaMtiEz
CVE-2010-0702 EXPLOITDB text
Fonality Trixbox 2.2.4 - SQL Injection
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by NorSlacker
EIP-2026-105158 EXPLOITDB text
Amelia CMS - SQL Injection
by Ariko-Security
EIP-2026-103941 EXPLOITDB text VERIFIED
IBM Websphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection
by Sjoerd Resink
CVE-2010-0759 EXPLOITDB text VERIFIED
Core Design Scriptegrator <1.4.1 - Path Traversal
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
by S2 Crew
CVE-2010-1078 EXPLOITDB text VERIFIED
XlentProjects SphereCMS 1.1 - SQL Injection
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
by AmnPardaz Security Research Team
CVE-2010-0706 EXPLOITDB text VERIFIED
Subex Nikira Fraud Management System - Cross-Site Scripting via Login Prompt Message Parameter
Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows remote attackers to inject arbitrary web script or HTML via the message parameter.
by thebluegenius
EIP-2026-110234 EXPLOITDB text VERIFIED
Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change
by Sioma Labs
EIP-2026-109904 EXPLOITDB text VERIFIED
New-CMS 1.08 - Multiple Local File Inclusion / HTML Injection Vulnerabilities
by Alberto Fontanella