Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104427 EXPLOITDB text VERIFIED
Serialsystem 1.0.4 Beta - 'list' Cross-Site Scripting
by indoushka
EIP-2026-104256 EXPLOITDB text VERIFIED
FreePBX 2.5.x < 2.6.0 - Persistent Cross-Site Scripting
by Ivan Huertas
EIP-2026-104255 EXPLOITDB text VERIFIED
FreePBX 2.5.x - Information Disclosure
by Ivan Huertas
EIP-2026-104254 EXPLOITDB text VERIFIED
FreePBX 2.5.1 - SQL Injection
by Ivan Huertas
CVE-2010-0713 EXPLOITDB text VERIFIED
Zenoss < 2.5 - Cross-Site Request Forgery via Admin Password Reset and Command Change
Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss 2.3.3, and other versions before 2.5, allow remote attackers to hijack the authentication of an administrator for (1) requests that reset user passwords via zport/dmd/ZenUsers/admin, and (2) requests that change user commands, which allows for remote execution of system commands via zport/dmd/userCommands/.
by Adam Baldwin
EIP-2026-119223 EXPLOITDB text
Trend Micro Web-Deployment - ActiveX Remote Execution
by superli
EIP-2026-116628 EXPLOITDB text VERIFIED
Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Execution (PoC)
by superli
EIP-2026-112914 EXPLOITDB text VERIFIED
Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (2)
by Stink'
CVE-2010-0390 EXPLOITDB text VERIFIED
PHP F1 Max's Image Uploader 1.0 - Unauthenticated Arbitrary File Upload via pjpeg/jpeg Extension Handling
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
by indoushka
EIP-2026-108494 EXPLOITDB text VERIFIED
Joomla! Component com_prime - Directory Traversal
by FL0RiX
EIP-2026-108476 EXPLOITDB text VERIFIED
Joomla! Component com_pc - Local File Inclusion
by Pyske
CVE-2010-0373 EXPLOITDB text VERIFIED
Joomla! com_libros - SQL Injection via id Parameter
SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
by FL0RiX
EIP-2026-101391 EXPLOITDB text VERIFIED
Novatel Wireless MiFi 2352 - Password Information Disclosure
by Alejandro Ramos
EIP-2026-112780 EXPLOITDB text VERIFIED
Transload Script - Arbitrary File Upload
by DigitALL
EIP-2026-111794 EXPLOITDB text VERIFIED
RoseOnlineCMS 3 B1 - Remote Authentication Bypass
by cr4wl3r
EIP-2026-110902 EXPLOITDB text VERIFIED
PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusions
by cr4wl3r
EIP-2026-109551 EXPLOITDB text VERIFIED
MoME CMS 0.8.5 - Remote Authentication Bypass
by cr4wl3r
EIP-2026-108020 EXPLOITDB text VERIFIED
ITechSctipts Alibaba Clone - Multiple Vulnerabilities
by Hamza 'MizoZ' N.
CVE-2009-2894 EXPLOITDB text VERIFIED
Ebay Clone 2009 - SQL Injection via id or cid Parameter
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to product_desc.php, and the cid parameter to (2) showcategory.php and (3) gallery.php.
by Hamza 'MizoZ' N.
EIP-2026-106354 EXPLOITDB text VERIFIED
DasForum - 'layout' Local File Inclusion
by cr4wl3r
EIP-2026-105952 EXPLOITDB text VERIFIED
CLONEBID B2B Marketplace - Multiple Vulnerabilities
by Hamza 'MizoZ' N.
EIP-2026-114925 EXPLOITDB text
Aqua Real 1.0/2.0 - Local Crash (PoC)
by R3d-D3V!L
EIP-2026-112794 EXPLOITDB text VERIFIED
Triburom - 'forum.php' Cross-Site Scripting
by ViRuSMaN
EIP-2026-111402 EXPLOITDB text VERIFIED
PonVFTP - Bypass / Arbitrary File Upload
by S2K9
EIP-2026-111401 EXPLOITDB text VERIFIED
PonVFTP - 'login.php' SQL Injection
by S2K9