Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-111708 EXPLOITDB text VERIFIED
RealAdmin - 'detail.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
CVE-2010-0631 EXPLOITDB text VERIFIED
eicra_car_rental-script - SQL Injection via Users and Passwords Parameters
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
by Hamza 'MizoZ' N.
EIP-2026-109756 EXPLOITDB text VERIFIED
myBusinessAdmin - 'content.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-109050 EXPLOITDB text
KubeLance 1.7.6 - Cross-Site Request Forgery (Add Admin)
by Milos Zivanovic
EIP-2026-105859 EXPLOITDB text VERIFIED
cityadmin - 'links.php' Blind SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-102482 EXPLOITDB text VERIFIED
Hipergate 4.0.12 - Multiple Vulnerabilities
by Nahuel Grisolia
EIP-2026-109782 EXPLOITDB text VERIFIED
MYRE Classified - 'cat' SQL Injection
by kaMtiEz
EIP-2026-109533 EXPLOITDB text VERIFIED
MobPartner Chat - Multiple SQL Injections
by AtT4CKxT3rR0r1ST
EIP-2026-107357 EXPLOITDB text VERIFIED
GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion
by R3VAN_BASTARD
EIP-2026-106476 EXPLOITDB text VERIFIED
Dlili Script - SQL Injection
by Dr.DaShEr
EIP-2026-102655 EXPLOITDB text VERIFIED
Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service
by Marcelo Tosatti
EIP-2026-112269 EXPLOITDB text VERIFIED
Snif 1.5.2 - Any Filetype Download
by Aodrulez
EIP-2026-112037 EXPLOITDB text
ShoutCMS - 'content.php' Blind SQL Injection
by Zero Cold
EIP-2026-108900 EXPLOITDB text VERIFIED
Joomla! Component Yelp - SQL Injection
by B-HUNT3|2
EIP-2026-108729 EXPLOITDB text VERIFIED
Joomla! Component Job - SQL Injection
by B-HUNT3|2
EIP-2026-108357 EXPLOITDB text VERIFIED
Joomla! Component com_gambling - 'gamblingEvent' SQL Injection
by md.r00t
CVE-2010-0801 EXPLOITDB text VERIFIED
AutartiTarot (com_autartitarot) 1.0.3 - Path Traversal
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.
by B-HUNT3|2
CVE-2010-1611 EXPLOITDB text
Alegrocart - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack the authentication of the administrator for requests that reset the administrator password via a POST to admin/ with an update action.
by The.Morpheus
CVE-2010-0630 EXPLOITDB text VERIFIED
Evernew Free Joke Script 1.2 - SQL Injection via viewjokes.php id Parameter
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Hamza 'MizoZ' N.
EIP-2026-106852 EXPLOITDB text VERIFIED
EmiratesHost - Insecure Cookie Authentication Bypass
by jago-dz
CVE-2010-0307 EXPLOITDB text VERIFIED
Linux Kernel < 2.6.32.8 - Denial of Service via ELF Interpreter Handling
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
by Mathias Krause
EIP-2026-100512 EXPLOITDB text VERIFIED
RaakCMS - Multiple Vulnerabilities
by Pouya Daneshmand
EIP-2026-111881 EXPLOITDB text
Saman Portal - SQL Injection
by Pouya Daneshmand
EIP-2026-109255 EXPLOITDB text
Maian Greetings 2.1 - Arbitrary File Upload
by indoushka
EIP-2026-109069 EXPLOITDB text VERIFIED
Last Wizardz - 'id' SQL Injection
by Sec Attack Team