Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-1052 EXPLOITDB text
AudiStat 1.3 - Cross-Site Scripting via Year and Mday Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) year and (2) mday parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by kaMtiEz
EIP-2026-105262 EXPLOITDB text VERIFIED
ASCET Interactive Huski Retail - Multiple SQL Injections
by Wireghoul
CVE-2010-1044 EXPLOITDB text
ManageEngine OpUtils 5.0 - SQL Injection
SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter.
by Asheesh Anaconda
EIP-2026-117352 EXPLOITDB text VERIFIED
Ipswitch IMAIL 11.01 - Reversible Encryption + weak ACL
by sinn3r
CVE-2010-1047 EXPLOITDB text VERIFIED
MASA2EL Music City <1.1 - SQL Injection
SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action.
by alnjm33
EIP-2026-107890 EXPLOITDB text VERIFIED
Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities
by Cory Marsh
EIP-2026-106355 EXPLOITDB text VERIFIED
Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting
by s4r4d0
CVE-2010-0926 EXPLOITDB text VERIFIED
Samba <3.3.11, <3.4.6, <3.5.0rc3 - Path Traversal
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.
by kingcope
EIP-2026-102492 EXPLOITDB text VERIFIED
KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities
by Nahuel Grisolia
CVE-2010-0607 EXPLOITDB text VERIFIED
Sterlite SAM300 AX Router - Cross-Site Scripting via Stat_Radio Parameter
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter.
by Karn Ganeshen
EIP-2026-111708 EXPLOITDB text VERIFIED
RealAdmin - 'detail.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
CVE-2010-0631 EXPLOITDB text VERIFIED
eicra_car_rental-script - SQL Injection via Users and Passwords Parameters
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
by Hamza 'MizoZ' N.
EIP-2026-109756 EXPLOITDB text VERIFIED
myBusinessAdmin - 'content.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-109050 EXPLOITDB text
KubeLance 1.7.6 - Cross-Site Request Forgery (Add Admin)
by Milos Zivanovic
EIP-2026-105859 EXPLOITDB text VERIFIED
cityadmin - 'links.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-102482 EXPLOITDB text VERIFIED
Hipergate 4.0.12 - Multiple Vulnerabilities
by Nahuel Grisolia
EIP-2026-109782 EXPLOITDB text VERIFIED
MYRE Classified - 'cat' SQL Injection
by kaMtiEz
EIP-2026-109533 EXPLOITDB text VERIFIED
MobPartner Chat - Multiple SQL Injections
by AtT4CKxT3rR0r1ST
EIP-2026-107357 EXPLOITDB text VERIFIED
GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion
by R3VAN_BASTARD
EIP-2026-106476 EXPLOITDB text VERIFIED
Dlili Script - SQL Injection
by Dr.DaShEr
EIP-2026-102655 EXPLOITDB text VERIFIED
Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service
by Marcelo Tosatti
EIP-2026-112269 EXPLOITDB text VERIFIED
Snif 1.5.2 - Any Filetype Download
by Aodrulez
EIP-2026-112037 EXPLOITDB text
ShoutCMS - 'content.php' Blind SQL Injection
by Zero Cold
EIP-2026-108900 EXPLOITDB text VERIFIED
Joomla! Component Yelp - SQL Injection
by B-HUNT3|2
EIP-2026-108729 EXPLOITDB text VERIFIED
Joomla! Component Job - SQL Injection
by B-HUNT3|2
By Source
All 31,346 Writeup 60,481 Exploitdb 50,014 Nomisec 21,942 Metasploit 3,232 Github 2,946 Vulncheck_xdb 908 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,200 ruby 5,922 c 3,592 perl 2,849 html 2,055 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 100 go 64 postscript 25 xml 24