Exploitdb Exploits

50,091 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-110033 EXPLOITDB text VERIFIED
Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities
by Vulnerability Laboratory
EIP-2026-105066 EXPLOITDB text VERIFIED
AlamFifa CMS - 'user_name_cookie' SQL Injection
by L0n3ly-H34rT
EIP-2026-102969 EXPLOITDB python VERIFIED
Reaver Pro - Local Privilege Escalation
by infodox
CVE-2012-3819 EXPLOITDB ruby VERIFIED
Dart PowerTCP ActiveX - Denial of Service via Long Request
Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP WebServer for ActiveX and other products, allows remote attackers to cause a denial of service (daemon crash) via a long request.
by catatonicprime
EIP-2026-103936 EXPLOITDB text VERIFIED
IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities
by MustLive
CVE-2012-2998 EXPLOITDB python VERIFIED
Trend Micro Control Manager <5.5.0.1823, <6.0.0.1449 - SQL Injection
SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
by otoy
EIP-2026-117912 EXPLOITDB text
Smartfren Connex EC 1261-2 UI OUC - Local Privilege Escalation
by X-Cisadane
EIP-2026-102677 EXPLOITDB html VERIFIED
Midori Browser 0.3.2 - Denial of Service
by Ryuzaki Lawlet
CVE-2012-4051 EXPLOITDB text
JAMF Casper Suite < 8.61 - Cross-Site Request Forgery via Save Action
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite before 8.61 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts or (2) change passwords via a Save action.
by Jacob Holcomb
EIP-2026-113521 EXPLOITDB text VERIFIED
WordPress Plugin ABC Test - 'id' Cross-Site Scripting
by Scott Herbert
EIP-2026-113064 EXPLOITDB text
ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusions
by L0n3ly-H34rT
EIP-2026-103251 EXPLOITDB text VERIFIED
YingZhiPython - Directory Traversal / Arbitrary File Upload
by Larry Cashdollar
CVE-2011-1613 EXPLOITDB text
Cisco Wireless LAN Controller <6.0.200.0-7.0.112.0 - DoS
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426.
by Daniel Smith
EIP-2026-114120 EXPLOITDB text VERIFIED
WordPress Plugin Token Manager - 'tid' Cross-Site Scripting
by TheCyberNuxbie
EIP-2026-113063 EXPLOITDB text
ViArt Shop Enterprise 4.1 - Arbitrary Command Execution
by LiquidWorm
EIP-2026-103208 EXPLOITDB python VERIFIED
QNX 6.5.0 / QCONN 1.4.207944 - Remote Command Execution
by Mor!p3r
EIP-2026-116203 EXPLOITDB python VERIFIED
SafeNet Sentinel Keys Server - Crash (PoC)
by retset
EIP-2026-103214 EXPLOITDB python VERIFIED
Samba 3.5.11/3.6.3 - Remote Code Execution
by kb
EIP-2026-100942 EXPLOITDB text VERIFIED
ZEN Load Balancer - Multiple Vulnerabilities
by Brendan Coles
EIP-2026-114035 EXPLOITDB html VERIFIED
WordPress Plugin Sexy Add Template - Cross-Site Request Forgery
by the_cyber_nuxbie
EIP-2026-113503 EXPLOITDB html VERIFIED
WordPress Core 3.4.2 - Cross-Site Request Forgery
by AkaStep
EIP-2026-114514 EXPLOITDB text VERIFIED
YCommerce - Multiple SQL Injections
by Ricardo Almeida
CVE-2012-4242 EXPLOITDB text VERIFIED
MF Gig Calendar 0.9.2 - Cross-Site Scripting via Query String
Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.
by Chris Cooper
EIP-2026-111448 EXPLOITDB text VERIFIED
Poweradmin - 'index.php' Cross-Site Scripting
by Siavash
EIP-2026-109313 EXPLOITDB text VERIFIED
Manhali 1.8 - Local File Inclusion
by L0n3ly-H34rT