Exploitdb Exploits

50,083 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104779 EXPLOITDB ruby VERIFIED
STUNSHELL (Web Shell) - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-104778 EXPLOITDB ruby VERIFIED
STUNSHELL (Web Shell) - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-104777 EXPLOITDB ruby VERIFIED
STUNSHELL (Web Shell) - PHP Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-104776 EXPLOITDB ruby VERIFIED
STUNSHELL (Web Shell) - PHP Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-104115 EXPLOITDB ruby VERIFIED
v0pCr3w (Web Shell) - Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-104114 EXPLOITDB ruby VERIFIED
v0pCr3w (Web Shell) - Remote Code Execution (Metasploit)
by Metasploit
CVE-2013-1942 EXPLOITDB text VERIFIED
jPlayer < 2.2.20 - Cross-Site Scripting via jQuery or id Parameters
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, as demonstrated using document.write in the jQuery parameter, a different vulnerability than CVE-2013-2022 and CVE-2013-2023.
by Malte Batram
EIP-2026-101121 EXPLOITDB text
Draytek Vigor 3900 1.06 - Local Privilege Escalation
by Mohammad abou hayt
EIP-2026-101030 EXPLOITDB bash
Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot
by Todor Donev
CVE-2013-3721 EXPLOITDB text VERIFIED
PsychoStats 3.2.2b - SQL Injection via Awards Page d Parameter
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
by Mohamed from ALG
EIP-2026-110344 EXPLOITDB text VERIFIED
OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities
by 3spi0n
CVE-2012-5909 EXPLOITDB text VERIFIED
MyBB 1.6.6 - SQL Injection via conditions[usergroup][] Parameter
SQL injection vulnerability in admin/modules/user/users.php in MyBB (aka MyBulletinBoard) 1.6.6 allows remote attackers to execute arbitrary SQL commands via the conditions[usergroup][] parameter in a search action to admin/index.php.
by Aditya Modha
CVE-2012-5908 EXPLOITDB text VERIFIED
MyBB 1.6.6 - Cross-Site Scripting via User Search Conditions Parameter
Cross-site scripting (XSS) vulnerability in admin/modules/user/users.php in MyBB (aka MyBulletinBoard) 1.6.6 allows remote attackers to inject arbitrary web script or HTML via the conditions[usergroup][] parameter in a search action to admin/index.php.
by Aditya Modha
CVE-2008-5489 EXPLOITDB text VERIFIED
ClipShare Pro <2008 - SQL Injection
SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, and 2006 through 2007, allows remote attackers to execute arbitrary SQL commands via the chid parameter.
by Esac
CVE-2012-5201 EXPLOITDB ruby VERIFIED
HP Intelligent Management Center < 5.1 - Remote Code Execution
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.
by Metasploit
EIP-2026-118229 EXPLOITDB ruby VERIFIED
ActFax 5.01 - RAW Server Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-113882 EXPLOITDB text VERIFIED
WordPress Plugin Mathjax Latex 1.1 - Cross-Site Request Forgery
by Junaid Hussain
EIP-2026-103933 EXPLOITDB text VERIFIED
IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities
by MustLive
EIP-2026-101422 EXPLOITDB text
Rosewill RSVA11001 - Remote Command Injection
by Eric Urban
CVE-2013-3075 EXPLOITDB html VERIFIED
Mitsubishi MX Component 3 - Buffer Overflow
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle property value to a certain ActiveX control.
by Dr_IDE
CVE-2012-4711 EXPLOITDB ruby VERIFIED
KingView <6.52-6.55 - Buffer Overflow
Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingView 6.52, kingMess.exe 65.20.2003.10400 in KingView 6.53, and kingMess.exe 65.50.2011.18049 in KingView 6.55 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted packet.
by Metasploit
EIP-2026-117418 EXPLOITDB html VERIFIED
LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation
by Dr_IDE
EIP-2026-117417 EXPLOITDB html VERIFIED
LiquidXML Studio 2010 - ActiveX Code Execution
by Dr_IDE
EIP-2026-115422 EXPLOITDB perl VERIFIED
IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow
by G0li47h
EIP-2026-113589 EXPLOITDB text VERIFIED
WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection
by Fernando A. Lagos B