Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105658 EXPLOITDB text
Business Directory Script - SQL Injection
by Ihsan Sencan
EIP-2026-105357 EXPLOITDB text
B2B Script 4.27 - SQL Injection
by Dawid Morawski
EIP-2026-105295 EXPLOITDB text
Auction Website Script - SQL Injection
by Ihsan Sencan
EIP-2026-110304 EXPLOITDB text VERIFIED
Openexpert 0.5.17 - 'area_id' SQL Injection
by Nassim Asrir
EIP-2026-106462 EXPLOITDB text
dirLIST 0.3.0 - Arbitrary File Upload
by hyp3rlinx
EIP-2026-106187 EXPLOITDB text VERIFIED
Courier Management System - SQL Injection
by Sibusiso Sishi
EIP-2026-105613 EXPLOITDB text
BoZoN 2.4 - Remote Code Execution
by hyp3rlinx
EIP-2026-100646 EXPLOITDB text
Check Box 2016 Q2 Survey - Multiple Vulnerabilities
by Fady Mohammed Osman
CVE-2016-20048 EXPLOITDB HIGH python
iSelect 1.4.0-2+b1 Local Buffer Overflow via key parameter
iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte stack buffer and gain code execution with user privileges.
by Juan Sacco
CVSS 8.4
EIP-2026-119281 EXPLOITDB python VERIFIED
WinaXe Plus 8.7 - Remote Buffer Overflow
by Peter Baris
EIP-2026-118426 EXPLOITDB ruby VERIFIED
DiskBoss Enterprise - GET Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-109470 EXPLOITDB text
Million Pixels 3 - Authentication Bypass
by Ihsan Sencan
EIP-2026-107792 EXPLOITDB text
Image Sharing Script 4.13 - Multiple Vulnerabilities
by Hasan Emre Ozer
EIP-2026-105660 EXPLOITDB text
Business Networking Script 8.11 - SQL Injection / Cross-Site Scripting
by Ahmet Gurel
CVE-2016-7617 EXPLOITDB HIGH
macOS < 10.12.2 - Remote Code Execution or Denial of Service via Bluetooth Type Confusion
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.
by Brandon Azad
CVSS 7.8
EIP-2026-102037 EXPLOITDB bash
Tenda ADSL2/2+ Modem D840R - DNS Change
by Todor Donev
EIP-2026-101919 EXPLOITDB bash
Pirelli DRG A115 ADSL Router - DNS Change
by Todor Donev
EIP-2026-109374 EXPLOITDB text
MC Yellow Pages Script - SQL Injection
by Ihsan Sencan
EIP-2026-109373 EXPLOITDB text
MC Smart Shop Script - SQL Injection
by Ihsan Sencan
EIP-2026-109372 EXPLOITDB text
MC Real Estate Pro Script - Improper Access Restrictions
by Ihsan Sencan
EIP-2026-109371 EXPLOITDB text
MC Inventory Manager Script - Multiple Vulnerabilities
by Ihsan Sencan
EIP-2026-109370 EXPLOITDB html
MC Hosting Coupons Script - Cross-Site Request Forgery
by Ihsan Sencan
EIP-2026-109369 EXPLOITDB text
MC Documentation Creator Script - SQL Injection
by Ihsan Sencan
EIP-2026-109366 EXPLOITDB text
MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions
by Ihsan Sencan
EIP-2026-109365 EXPLOITDB text
MC Buy and Sell Cars Script 1.1 - SQL Injection
by Ihsan Sencan
By Source
All 50,076 Writeup 62,507 Exploitdb 50,076 Nomisec 22,463 Github 3,681 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,602 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25