Exploitdb Exploits

31,346 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107089 EXPLOITDB text
file upload Ar Version - Arbitrary File Upload
by indoushka
EIP-2026-107016 EXPLOITDB text VERIFIED
EZPX My Photoblog 1.2 - Arbitrary File Upload
by indoushka
EIP-2026-106904 EXPLOITDB text VERIFIED
ES Simple Uploader 1.1 - Arbitrary File Upload
by indoushka
EIP-2026-106896 EXPLOITDB text
epay - Backup
by indoushka
EIP-2026-106633 EXPLOITDB text
e-pay 1.55 - Remote File Inclusion
by indoushka
EIP-2026-106632 EXPLOITDB text VERIFIED
E-Pay - Remote File Inclusion
by indoushka
EIP-2026-106622 EXPLOITDB text
e-cart 3.0 - Multiple Vulnerabilities
by indoushka
EIP-2026-106578 EXPLOITDB text
Dros - Remote File Inclusion
by indoushka
EIP-2026-106442 EXPLOITDB text VERIFIED
DieselScripts jokes - Cross-Site Scripting
by indoushka
EIP-2026-106441 EXPLOITDB text VERIFIED
DieselScripts jokes - Backup
by indoushka
EIP-2026-106372 EXPLOITDB text
DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion
by Gamoscu
EIP-2026-106370 EXPLOITDB text
dB Masters MultiMedia - Insecure Cookie Handling
by indoushka
EIP-2026-106363 EXPLOITDB text VERIFIED
Datenator 0.3.0 - 'event.php?id' SQL Injection
by The_HuliGun
EIP-2026-105456 EXPLOITDB text
Best Top List 2.11 - Arbitrary File Upload
by indoushka
EIP-2026-100310 EXPLOITDB text VERIFIED
Esinti Web Design Gold Defter - Database Disclosure
by LionTurk
CVE-2007-3061 EXPLOITDB text VERIFIED
Cactushop < 6 - Unauthenticated Sensitive Information Exposure via Direct Database Request
Cactushop 6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb.
by LionTurk
CVE-2009-4678 EXPLOITDB text VERIFIED
Winn Guestbook 2.4 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in index.php in Winn Guestbook 2.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
by indoushka
CVE-2005-3937 EXPLOITDB text VERIFIED
Softbiz B2B Trading Marketplace Script < 1.1 - SQL Injection via cid Parameter
SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php.
by AnGrY BoY
EIP-2026-112131 EXPLOITDB text VERIFIED
Simple PHP Guestbook - Remote Admin Access
by Sora
EIP-2026-108086 EXPLOITDB text VERIFIED
Jevonweb Guestbook - Remote Admin Access
by Sora
EIP-2026-105958 EXPLOITDB text VERIFIED
cms -db 0.7.13 - Multiple Vulnerabilities
by cp77fk4r
EIP-2026-105731 EXPLOITDB text VERIFIED
caricatier 2.5 - Cross-Site Scripting
by indoushka
EIP-2026-105455 EXPLOITDB text VERIFIED
Best Top List - Cross-Site Scripting
by indoushka
EIP-2026-105393 EXPLOITDB text VERIFIED
barbo91 uploads - Arbitrary File Upload
by indoushka
EIP-2026-105392 EXPLOITDB text VERIFIED
Barbo91 - 'upload.php' Cross-Site Scripting
by indoushka
By Source
All 31,346 Writeup 60,504 Exploitdb 50,014 Nomisec 21,952 Metasploit 3,232 Github 2,971 Vulncheck_xdb 909 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,222 ruby 5,922 c 3,592 perl 2,849 html 2,056 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 101 go 64 postscript 25 xml 24