Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103988 EXPLOITDB text VERIFIED
Mongoose 2.8 - Space String Remote File Disclosure
by Pouya Daneshmand
EIP-2026-103950 EXPLOITDB text VERIFIED
JDownloader - 'JDExternInterface.java' Remote Code Execution
by apoc
CVE-2010-1048 EXPLOITDB text VERIFIED
Uiga Business Portal - Stored Cross-Site Scripting via Comment Box Textcomment Parameter
Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) in a noentryid action. NOTE: some of these details are obtained from third party information.
by Sioma Labs
CVE-2010-1053 EXPLOITDB text VERIFIED
Zen Time Tracking <2.2 - SQL Injection
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. NOTE: some of these details are obtained from third party information.
by cr4wl3r
EIP-2026-114391 EXPLOITDB text VERIFIED
WSN Guest - Database Disclosure
by HackXBack
CVE-2010-1049 EXPLOITDB text VERIFIED
Uiga Business Portal - SQL Injection
Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php.
by Sioma Labs
EIP-2026-112710 EXPLOITDB text
TinyMCE WYSIWYG Editor - Multiple Vulnerabilities
by mc2_s3lector
CVE-2010-1046 EXPLOITDB text VERIFIED
rostermain < 1.1 - SQL Injection via Userid or Password Parameter
Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.
by cr4wl3r
EIP-2026-109002 EXPLOITDB text
Killmonster 2.1 - Authentication Bypass
by cr4wl3r
CVE-2010-1045 EXPLOITDB text VERIFIED
Joomla! com_productbook 1.0.4 - SQL Injection
SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information.
by snakespc
EIP-2026-106964 EXPLOITDB text VERIFIED
Exponent CMS 0.96.3 - 'articlemodule' SQL Injection
by T u R c O
EIP-2026-106870 EXPLOITDB text VERIFIED
EncapsCMS 0.3.6 - 'config[path]' Remote File Inclusion
by cr4wl3r
EIP-2026-106240 EXPLOITDB text
Croogo 1.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities
by Milos Zivanovic
EIP-2026-105443 EXPLOITDB text VERIFIED
Belkatalog CMS - SQL Injection
by anonymous
CVE-2010-0611 EXPLOITDB text VERIFIED
baal_systems < 3.8 - SQL Injection via adminlogin.php Username and Password Parameters
Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
by cr4wl3r
EIP-2026-100236 EXPLOITDB text VERIFIED
DA Mailing List System 2 - Multiple Vulnerabilities
by Phenom
EIP-2026-116328 EXPLOITDB text VERIFIED
SQLite Browser 2.0b1 - Local Denial of Service
by Nishant Das Patnaik
EIP-2026-112025 EXPLOITDB text VERIFIED
ShopEx Single 4.5.1 - Multiple Vulnerabilities
by cp77fk4r
EIP-2026-110222 EXPLOITDB text VERIFIED
Open Bulletin Board - Multiple Blind SQL Injections
by AtT4CKxT3rR0r1ST
EIP-2026-110021 EXPLOITDB text
odlican.net CMS 1.5 - Arbitrary File Upload
by anonymous
CVE-2010-0610 EXPLOITDB text VERIFIED
com_photoblog - SQL Injection via Blog Parameter
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist.
by ALTBTA
EIP-2026-105216 EXPLOITDB text
Arab Network Tech. (ANT) CMS - SQL Injection
by Tr0y-x
EIP-2026-102423 EXPLOITDB text VERIFIED
ShopEx Single 4.5.1 - 'errinfo' Cross-Site Scripting
by cp77fk4r
CVE-2010-1050 EXPLOITDB text
AudiStat 1.3 - SQL Injection via mday Parameter
SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter.
by kaMtiEz
CVE-2010-0614 EXPLOITDB text VERIFIED
evalSMSI 2.1.03 - SQL Injection via ajax.php query parameter
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
by ekse
By Source
All 31,346 Writeup 60,481 Exploitdb 50,014 Nomisec 21,942 Metasploit 3,232 Github 2,946 Vulncheck_xdb 908 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,200 ruby 5,922 c 3,592 perl 2,849 html 2,055 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 100 go 64 postscript 25 xml 24