Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106372 EXPLOITDB text
DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion
by Gamoscu
EIP-2026-106370 EXPLOITDB text
dB Masters MultiMedia - Insecure Cookie Handling
by indoushka
EIP-2026-106363 EXPLOITDB text VERIFIED
Datenator 0.3.0 - 'event.php?id' SQL Injection
by The_HuliGun
EIP-2026-105456 EXPLOITDB text
Best Top List 2.11 - Arbitrary File Upload
by indoushka
EIP-2026-100310 EXPLOITDB text VERIFIED
Esinti Web Design Gold Defter - Database Disclosure
by LionTurk
CVE-2007-3061 EXPLOITDB text VERIFIED
Cactushop < 6 - Unauthenticated Sensitive Information Exposure via Direct Database Request
Cactushop 6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb.
by LionTurk
CVE-2009-4678 EXPLOITDB text VERIFIED
Winn Guestbook 2.4 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in index.php in Winn Guestbook 2.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
by indoushka
CVE-2005-3937 EXPLOITDB text VERIFIED
Softbiz B2B Trading Marketplace Script < 1.1 - SQL Injection via cid Parameter
SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php.
by AnGrY BoY
EIP-2026-112131 EXPLOITDB text VERIFIED
Simple PHP Guestbook - Remote Admin Access
by Sora
EIP-2026-108086 EXPLOITDB text VERIFIED
Jevonweb Guestbook - Remote Admin Access
by Sora
EIP-2026-105958 EXPLOITDB text VERIFIED
cms -db 0.7.13 - Multiple Vulnerabilities
by cp77fk4r
EIP-2026-105731 EXPLOITDB text VERIFIED
caricatier 2.5 - Cross-Site Scripting
by indoushka
EIP-2026-105455 EXPLOITDB text VERIFIED
Best Top List - Cross-Site Scripting
by indoushka
EIP-2026-105393 EXPLOITDB text VERIFIED
barbo91 uploads - Arbitrary File Upload
by indoushka
EIP-2026-105392 EXPLOITDB text VERIFIED
Barbo91 - 'upload.php' Cross-Site Scripting
by indoushka
EIP-2026-105259 EXPLOITDB text
asaher pro 1.0 - Remote File Inclusion
by indoushka
EIP-2026-105196 EXPLOITDB text VERIFIED
APHP ImgList 1.2.2 - Cross-Site Scripting
by indoushka
EIP-2026-105063 EXPLOITDB text VERIFIED
AL-Caricatier 2.5 - 'comment.php' Cross-Site Scripting
by indoushka
EIP-2026-104963 EXPLOITDB text
Ads Electronic Al-System - Cross-Site Scripting
by indoushka
EIP-2026-113090 EXPLOITDB text VERIFIED
VideoIsland - Arbitrary File Upload
by RENO
EIP-2026-112771 EXPLOITDB text VERIFIED
Traidnt Gallery - Arbitrary Add Admin
by wlhaan-hacker
EIP-2026-111465 EXPLOITDB text
Pragyan CMS 2.6.4 - 'search.php' Remote File Inclusion
by Mr.SeCreT
CVE-2009-4458 EXPLOITDB text VERIFIED
FreePBX 2.5.2 and 2.6.0rc2 - Cross-Site Scripting via Tech Parameter and Description Parameter
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action.
by Global-Evolution
CVE-2009-4813 EXPLOITDB text VERIFIED
MyBB 1.4.10 - Cross-Site Scripting via Username Parameter in Donate Action
Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action.
by Steven Abbagnaro
EIP-2026-108527 EXPLOITDB text VERIFIED
Joomla! Component com_schools - SQL Injection
by Mr.tro0oqy