Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-109048 EXPLOITDB text VERIFIED
KubeLabs PHPDug 2.0 - 'upcoming.php' Cross-Site Scripting
by indoushka
CVE-2010-0694 EXPLOITDB text
PerchaGallery <1.5b - SQL Injection
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php.
by FL0RiX
EIP-2026-108424 EXPLOITDB text VERIFIED
Joomla! Component com_kk - Blind SQL Injection
by Pyske
EIP-2026-108423 EXPLOITDB text VERIFIED
Joomla! Component com_king - Blind SQL Injection
by Pyske
EIP-2026-107979 EXPLOITDB text VERIFIED
ITaco Group ITaco.biz - 'view_news' SQL Injection
by Err0R
EIP-2026-106485 EXPLOITDB text VERIFIED
Docebo 3.6.0.2 (stable) - Local File Inclusion
by Zer0 Thunder
CVE-2010-1066 EXPLOITDB text VERIFIED
AR Web Content Manager (AWCM) 2.1 - Info Disclosure
AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for control/db_backup.php.
by alnjm33
EIP-2026-103773 EXPLOITDB text
DirectAdmin 1.33.6 - Symlink Security Bypass
by alnjm33
EIP-2026-102609 EXPLOITDB text VERIFIED
Gnome Panel 2.28.0 - Denial of Service (PoC)
by Pietro Oliva
CVE-2010-0936 EXPLOITDB text
D-LINK DKVM-IP8 - Firmware 2282_dlinkA4_p8_20071213 - XSS
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter.
by POPCORN
CVE-2010-0936 EXPLOITDB text VERIFIED
D-LINK DKVM-IP8 - Firmware 2282_dlinkA4_p8_20071213 - XSS
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter.
by POPCORN
EIP-2026-101097 EXPLOITDB text
Total MultiMedia Features - Sony Ericsson Phones Denial of Service (PoC)
by Aodrulez
EIP-2026-100607 EXPLOITDB text VERIFIED
VP-ASP Shopping Cart 7.0 - Database Disclosure
by indoushka
EIP-2026-100454 EXPLOITDB text VERIFIED
Net Gitar Shop 1.0 - Database Disclosure
by indoushka
CVE-2010-1065 EXPLOITDB text VERIFIED
Lebisoft Ziyaretci Defteri 7.4-7.5 - Info Disclosure
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb.
by indoushka
CVE-2010-1064 EXPLOITDB text VERIFIED
Erolife AjxGaleri VT - Info Disclosure
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb.
by LionTurk
CVE-2009-4497 EXPLOITDB text VERIFIED
LXR Cross Referencer 0.9.5 and 0.9.6 - Cross-Site Scripting via Ident Program i Parameter
Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program.
by Dan Rosenberg
EIP-2026-109152 EXPLOITDB text VERIFIED
LineWeb 1.0.5 - Multiple Remote Vulnerabilities
by Ignacio Garrido
EIP-2026-100635 EXPLOITDB text VERIFIED
YP Portal MS-Pro Surumu 1.0 - Database Disclosure
by indoushka
CVE-2010-2256 EXPLOITDB text VERIFIED
Pay Per Minute Video Chat Script 2.0-2.1 - Cross-Site Scripting via id Parameter or model Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute Video Chat Script 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/memberviewdetails.php and the (2) model parameter to videos.php.
by R3d-D3V!L
EIP-2026-113450 EXPLOITDB text VERIFIED
WMNews - '/admin/wmnews.php' Cross-Site Scripting
by indoushka
EIP-2026-111314 EXPLOITDB text VERIFIED
pL-PHP 0.9 - 'index.php' Cross-Site Scripting
by indoushka
EIP-2026-110501 EXPLOITDB text VERIFIED
Pay Per Minute Video Chat Script 2.x - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
by R3d-D3V!L
CVE-2010-2257 EXPLOITDB text VERIFIED
Pay Per Minute Video Chat Script 2.0-2.1 - SQL Injection via index_ie.php page Parameter
SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter.
by R3d-D3V!L
EIP-2026-109938 EXPLOITDB text VERIFIED
Ninja Blog 4.8 - Multiple Vulnerabilities
by indoushka