Exploitdb Exploits
31,346 exploits tracked across all sources.
Erolife AjxGaleri VT - Info Disclosure
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.
by LionTurk
LXR Cross Referencer 0.9.5 and 0.9.6 - Cross-Site Scripting via Ident Program i Parameter
Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program.
by Dan Rosenberg
LineWeb 1.0.5 - Multiple Remote Vulnerabilities
by Ignacio Garrido
YP Portal MS-Pro Surumu 1.0 - Database Disclosure
by indoushka
Pay Per Minute Video Chat Script 2.0-2.1 - Cross-Site Scripting via id Parameter or model Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute Video Chat Script 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/memberviewdetails.php and the (2) model parameter to videos.php.
by R3d-D3V!L
WMNews - '/admin/wmnews.php' Cross-Site Scripting
by indoushka
Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
by R3d-D3V!L
Pay Per Minute Video Chat Script 2.0-2.1 - SQL Injection via index_ie.php page Parameter
SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by R3d-D3V!L
MercuryBoard 1.1.5 - 'index.php' Cross-Site Scripting
by indoushka
LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion
by Zer0 Thunder
com_j-projects - SQL Injection via Project Parameter
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.
by Pyske
Joomla! Component com_cartikads 1.0 - Arbitrary File Upload
by kaMtiEz
ImagoScripts Deviant Art Clone - SQL Injection
SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action.
by alnjm33
Skype for Linux 2.1 Beta - Multiple Strange Behaviour Vulnerabilities
by emgent
KMSoft Guestbook 1.0 - Info Disclosure
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb.
by LionTurk
Acidcat CMS 3.5.x - Info Disclosure
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory."
by LionTurk
WorldPay Script Shop - 'productdetail' SQL Injection
by Err0R
Smart Vision Script News - 'newsdetail.php' SQL Injection (1)
by Err0R