Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
CVE-2009-4578 EXPLOITDB text VERIFIED
Facileforms - Cross-Site Scripting via Itemid Parameter
Cross-site scripting (XSS) vulnerability in the Facileforms (com_facileforms) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php.
by Pyske
EIP-2026-108569 EXPLOITDB text VERIFIED
Joomla! Component com_trabalhe_conosco - Cross-Site Scripting
by Pyske
CVE-2009-4575 EXPLOITDB text VERIFIED
Joomla! com_qpersonel 1.0.2 RC2 - XSS
Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira parameter in a sirala action to index.php.
by Pyske
EIP-2026-108462 EXPLOITDB text
Joomla! Component com_oprykningspoint_mc - Cross-Site Scripting
by Pyske
EIP-2026-108380 EXPLOITDB text
Joomla! Component com_intuit - Local File Inclusion
by FL0RiX
CVE-2009-4583 EXPLOITDB text VERIFIED
Joomla DhForum Component - SQL Injection via id Parameter
SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php.
by ViRuSMaN
CVE-2009-4576 EXPLOITDB text VERIFIED
cmstactics com_beeheard 1.x - SQL Injection via category_id Parameter
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
by FL0RiX
EIP-2026-108254 EXPLOITDB text VERIFIED
Joomla! Component com_adagency - Local File Inclusion
by FL0RiX
EIP-2026-107834 EXPLOITDB text VERIFIED
Info Fisier 1.0 - SQL Injection
by AnGrY BoY
EIP-2026-107833 EXPLOITDB text VERIFIED
info fisier 1.0 - Multiple Vulnerabilities
by kaozc9
CVE-2008-6210 EXPLOITDB text VERIFIED
dream4 Koobi 4.4 and 5.4 - SQL Injection via img_id Parameter
SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to execute arbitrary SQL commands via the img_id parameter in the gallerypic page.
by BILGE_KAGAN
EIP-2026-106319 EXPLOITDB text
Cybershade CMS 0.2 - Remote File Inclusion
by Mr.SeCreT
EIP-2026-106118 EXPLOITDB text VERIFIED
com_webcamxp - Cross-Site Scripting
by Pyske
EIP-2026-106117 EXPLOITDB text VERIFIED
com_jm-recommend - Cross-Site Scripting
by Pyske
EIP-2026-113344 EXPLOITDB text
Webring - Cross-Site Scripting
by indoushka
EIP-2026-113037 EXPLOITDB text VERIFIED
vCard PRO 3.1 - Cross-Site Scripting
by indoushka
EIP-2026-112910 EXPLOITDB text VERIFIED
Upload-Point 1.6 Beta - Arbitrary File Upload
by indoushka
EIP-2026-112740 EXPLOITDB text
TomatoCart - Backup
by indoushka
EIP-2026-112545 EXPLOITDB text
ta3arof [dating] Script (Arabic Version) - Arbitrary File Upload
by indoushka
EIP-2026-112414 EXPLOITDB text VERIFIED
Squito Gallery 1.0 - Cross-Site Scripting
by indoushka
EIP-2026-111892 EXPLOITDB text VERIFIED
SaphpLesson 4.0 food - Remote File Inclusion
by indoushka
EIP-2026-111875 EXPLOITDB text VERIFIED
Saibal Download Area 2.0 - Arbitrary File Upload
by indoushka
EIP-2026-111652 EXPLOITDB text
Quiz - Cross-Site Scripting
by indoushka
EIP-2026-111204 EXPLOITDB text
PHPShop 0.6 - Bypass
by indoushka
CVE-2009-4469 EXPLOITDB text VERIFIED
phpPowerCards 2.0 - Cross-Site Scripting via PATH_INFO, archiv, or subcat Parameter
Multiple cross-site scripting (XSS) vulnerabilities in pagenumber.inc.php in phpPowerCards 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) archiv parameter, and the (3) subcat parameter.
by indoushka
By Source
All 31,346 Writeup 60,504 Exploitdb 50,014 Nomisec 21,952 Metasploit 3,232 Github 2,971 Vulncheck_xdb 909 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,222 ruby 5,922 c 3,592 perl 2,849 html 2,056 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 101 go 64 postscript 25 xml 24