Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106964 EXPLOITDB text VERIFIED
Exponent CMS 0.96.3 - 'articlemodule' SQL Injection
by T u R c O
EIP-2026-106870 EXPLOITDB text VERIFIED
EncapsCMS 0.3.6 - 'config[path]' Remote File Inclusion
by cr4wl3r
EIP-2026-106240 EXPLOITDB text
Croogo 1.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities
by Milos Zivanovic
EIP-2026-105443 EXPLOITDB text VERIFIED
Belkatalog CMS - SQL Injection
by anonymous
CVE-2010-0611 EXPLOITDB text VERIFIED
baal_systems < 3.8 - SQL Injection via adminlogin.php Username and Password Parameters
Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
by cr4wl3r
EIP-2026-100236 EXPLOITDB text VERIFIED
DA Mailing List System 2 - Multiple Vulnerabilities
by Phenom
EIP-2026-116328 EXPLOITDB text VERIFIED
SQLite Browser 2.0b1 - Local Denial of Service
by Nishant Das Patnaik
EIP-2026-112025 EXPLOITDB text VERIFIED
ShopEx Single 4.5.1 - Multiple Vulnerabilities
by cp77fk4r
EIP-2026-110222 EXPLOITDB text VERIFIED
Open Bulletin Board - Multiple Blind SQL Injections
by AtT4CKxT3rR0r1ST
EIP-2026-110021 EXPLOITDB text
odlican.net CMS 1.5 - Arbitrary File Upload
by anonymous
CVE-2010-0610 EXPLOITDB text VERIFIED
com_photoblog - SQL Injection via Blog Parameter
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist.
by ALTBTA
EIP-2026-105216 EXPLOITDB text
Arab Network Tech. (ANT) CMS - SQL Injection
by Tr0y-x
EIP-2026-102423 EXPLOITDB text VERIFIED
ShopEx Single 4.5.1 - 'errinfo' Cross-Site Scripting
by cp77fk4r
CVE-2010-1050 EXPLOITDB text
AudiStat 1.3 - SQL Injection via mday Parameter
SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter.
by kaMtiEz
CVE-2010-0614 EXPLOITDB text VERIFIED
evalSMSI 2.1.03 - SQL Injection via ajax.php query parameter
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
by ekse
CVE-2010-1052 EXPLOITDB text
AudiStat 1.3 - Cross-Site Scripting via Year and Mday Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) year and (2) mday parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by kaMtiEz
EIP-2026-105262 EXPLOITDB text VERIFIED
ASCET Interactive Huski Retail - Multiple SQL Injections
by Wireghoul
CVE-2010-1044 EXPLOITDB text
ManageEngine OpUtils 5.0 - SQL Injection
SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter.
by Asheesh Anaconda
EIP-2026-117352 EXPLOITDB text VERIFIED
Ipswitch IMAIL 11.01 - Reversible Encryption + weak ACL
by sinn3r
CVE-2010-1047 EXPLOITDB text VERIFIED
MASA2EL Music City <1.1 - SQL Injection
SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action.
by alnjm33
EIP-2026-107890 EXPLOITDB text VERIFIED
Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities
by Cory Marsh
EIP-2026-106355 EXPLOITDB text VERIFIED
Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting
by s4r4d0
CVE-2010-0926 EXPLOITDB text VERIFIED
Samba <3.3.11, <3.4.6, <3.5.0rc3 - Path Traversal
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.
by kingcope
EIP-2026-102492 EXPLOITDB text VERIFIED
KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities
by Nahuel Grisolia
CVE-2010-0607 EXPLOITDB text VERIFIED
Sterlite SAM300 AX Router - Cross-Site Scripting via Stat_Radio Parameter
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter.
by Karn Ganeshen