Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-110618 EXPLOITDB text VERIFIED
PhotoKorn 1.542 - Cross-Site Scripting / Remote File Inclusion
by indoushka
EIP-2026-110615 EXPLOITDB text VERIFIED
PhotoDiary 1.3 - 'lng' Local File Inclusion
by cOndemned
EIP-2026-109168 EXPLOITDB text
list Web - 'addlink.php?id' SQL Injection
by Hussin X
EIP-2026-108975 EXPLOITDB text
Kayako eSupport 3.04.10 - Cross-Site Scripting / Cross-Site Request Forgery
by D3V!L FUCKER
EIP-2026-108798 EXPLOITDB text VERIFIED
Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting
by Jeff Channell
EIP-2026-108489 EXPLOITDB text VERIFIED
Joomla! Component com_portfol - SQL Injection
by wlhaan hacker
EIP-2026-108439 EXPLOITDB text VERIFIED
Joomla! Component com_mdigg - SQL Injection
by wlhaan hacker
EIP-2026-107924 EXPLOITDB text
Invision Power Board (Trial) 2.0.4 - Backup
by indoushka
EIP-2026-107797 EXPLOITDB text VERIFIED
Imagevue r16 - 'amount' Cross-Site Scripting
by indoushka
EIP-2026-107599 EXPLOITDB text VERIFIED
HLstatsX 1.65 - SQL Injection
by bnc
EIP-2026-107245 EXPLOITDB text VERIFIED
Freewebscript'z Games - Authentication Bypass
by Hussin X
EIP-2026-107093 EXPLOITDB text VERIFIED
fileNice PHP file browser - Local/Remote File Inclusion
by e.wiZz
EIP-2026-106714 EXPLOITDB text VERIFIED
EasyGallery - 'catid' Blind SQL Injection
by Hussin X
EIP-2026-106467 EXPLOITDB text VERIFIED
Discuz! 1.0 - 'referer' Cross-Site Scripting
by indoushka
EIP-2026-106466 EXPLOITDB text
Discuz 1.03 - SQL Injection
by indoushka
EIP-2026-106439 EXPLOITDB text VERIFIED
DieselPay 1.6 - Cross-Site Scripting / Directory Traversal
by indoushka
EIP-2026-105889 EXPLOITDB text
Classified Ads Scrip - 'store_info.php?id' SQL Injection
by Hussin X
EIP-2026-105601 EXPLOITDB text VERIFIED
BosClassifieds 1.20 - 'recent.php' Cross-Site Scripting
by indoushka
CVE-2009-4582 EXPLOITDB text VERIFIED
XOOPS Dictionary module - SQL Injection via id Parameter
SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Palyo34
EIP-2026-113422 EXPLOITDB text VERIFIED
WHOISCART - Scripting
by HAQIQ20
EIP-2026-113395 EXPLOITDB text VERIFIED
Western Digital My Book World Edition 1.1.16 - 'lang' Cross-Site Scripting
by emgent
EIP-2026-113015 EXPLOITDB text VERIFIED
vBulletin ads_saed 1.5 - 'bnnr.php' SQL Injection
by Hussin X
EIP-2026-112845 EXPLOITDB text
UBBCentral UBB.Threads 6.0 - Remote File Inclusion
by indoushka
CVE-2009-4581 EXPLOITDB CRITICAL text VERIFIED
RoseOnlineCMS <3 B1 - Path Traversal
Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter.
by cr4wl3r
CVSS 9.8
EIP-2026-111267 EXPLOITDB text
PicMe 2.1.0 - Arbitrary File Upload
by indoushka