Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106439 EXPLOITDB text VERIFIED
DieselPay 1.6 - Cross-Site Scripting / Directory Traversal
by indoushka
EIP-2026-105889 EXPLOITDB text
Classified Ads Scrip - 'store_info.php?id' SQL Injection
by Hussin X
EIP-2026-105601 EXPLOITDB text VERIFIED
BosClassifieds 1.20 - 'recent.php' Cross-Site Scripting
by indoushka
CVE-2009-4582 EXPLOITDB text VERIFIED
XOOPS Dictionary module - SQL Injection via id Parameter
SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Palyo34
EIP-2026-113422 EXPLOITDB text VERIFIED
WHOISCART - Scripting
by HAQIQ20
EIP-2026-113395 EXPLOITDB text VERIFIED
Western Digital My Book World Edition 1.1.16 - 'lang' Cross-Site Scripting
by emgent
EIP-2026-113015 EXPLOITDB text VERIFIED
vBulletin ads_saed 1.5 - 'bnnr.php' SQL Injection
by Hussin X
EIP-2026-112845 EXPLOITDB text
UBBCentral UBB.Threads 6.0 - Remote File Inclusion
by indoushka
CVE-2009-4581 EXPLOITDB CRITICAL text VERIFIED
RoseOnlineCMS <3 B1 - Path Traversal
Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter.
by cr4wl3r
CVSS 9.8
EIP-2026-111267 EXPLOITDB text
PicMe 2.1.0 - Arbitrary File Upload
by indoushka
EIP-2026-110816 EXPLOITDB text
PHP-Fusion Mod avatar_studio - Local File Inclusion
by bonobug
EIP-2026-109189 EXPLOITDB text VERIFIED
LiveZilla 3.1.8.3 - Multiple Cross-Site Scripting Vulnerabilities
by MaXe
CVE-2009-4450 EXPLOITDB text VERIFIED
LiveZilla 3.1.8.3 - Cross-Site Scripting via map.php Parameters
Multiple cross-site scripting (XSS) vulnerabilities in map.php in LiveZilla 3.1.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) lat, (2) lng, and (3) zom parameters, which are not properly handled when processed with templates/map.tpl.
by MaXe
EIP-2026-108951 EXPLOITDB text VERIFIED
K-Rate - SQL Injection
by e.wiZz
EIP-2026-108509 EXPLOITDB text VERIFIED
Joomla! Component com_rd_download - Local File Disclosure
by FL0RiX
EIP-2026-108379 EXPLOITDB text
Joomla! Component com_intuit - Apache Directory listing Download
by indoushka
EIP-2026-108259 EXPLOITDB text VERIFIED
Joomla! Component com_airmonoblock - Blind SQL Injection
by Pyske
EIP-2026-108052 EXPLOITDB text VERIFIED
Jax Calendar 1.34 - Remote Admin Access
by Sora
EIP-2026-107755 EXPLOITDB text VERIFIED
iDevAffiliate 4.0 - Backup
by indoushka
EIP-2026-107701 EXPLOITDB text
I-RATER Basic - Arbitrary File Upload
by indoushka
CVE-2009-4574 EXPLOITDB text VERIFIED
I-Escorts Directory Script - Country Escorts < PHP - SQL Injection
SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter.
by R3d-D3V!L
EIP-2026-107116 EXPLOITDB text VERIFIED
FlashChat 3.9.3.1 - PHP info
by indoushka
EIP-2026-106840 EXPLOITDB text
Elkagroup - 'pid' SQL Injection
by Hussin X
CVE-2008-6264 EXPLOITDB text VERIFIED
E-topbiz Slide Popups 1.0 - SQL Injection via Admin Password Parameter
SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
by Hussin X
EIP-2026-106648 EXPLOITDB text VERIFIED
e-topbiz banner exchange PHP - Authentication Bypass
by Hussin X
By Source
All 31,346 Writeup 60,502 Exploitdb 50,014 Nomisec 21,946 Metasploit 3,232 Github 2,965 Vulncheck_xdb 909 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,217 ruby 5,922 c 3,592 perl 2,849 html 2,056 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 100 go 64 postscript 25 xml 24