Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-115346 EXPLOITDB text VERIFIED
Google Chrome - Killing Thread (PoC)
by pigtail23
EIP-2026-119006 EXPLOITDB text VERIFIED
Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile
by rgod
EIP-2026-116001 EXPLOITDB html
Opera 11.51 - Use-After-Free Crash (PoC)
by Roberto Suggi Liverani
EIP-2026-115125 EXPLOITDB python VERIFIED
Cyclope Internet Filtering Proxy 4.0 - 'CEPMServer.exe' Denial of Service (PoC)
by loneferret
CVE-2006-4278 EXPLOITDB php
SportsPHool 1.0 - Remote File Inclusion via mainnav Parameter
PHP remote file inclusion vulnerability in includes/layout/plain.footer.php in SportsPHool 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the mainnav parameter.
by cr4wl3r
CVE-2013-6246 EXPLOITDB text VERIFIED
Dell Quest One Password Manager - Unauthenticated Information Disclosure via CAPTCHA Bypass
The Dell Quest One Password Manager, possibly 5.0, allows remote attackers to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid domain and username but without the CaptchaType, UseCaptchaEveryTime, and CaptchaResponse parameters.
by Johnny Bravo
CVE-2011-4024 EXPLOITDB text
OCS Inventory NG < 2.0.1 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
by Nicolas DEROUET
EIP-2026-119357 EXPLOITDB python VERIFIED
Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting
by loneferret
EIP-2026-116463 EXPLOITDB text VERIFIED
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow
by DiGMi
EIP-2026-116014 EXPLOITDB text VERIFIED
Oracle DataDirect - Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Buffer Overflows (PoC)
by rgod
EIP-2026-116003 EXPLOITDB html VERIFIED
Opera 11.52 - Stack Overflow
by pigtail23
EIP-2026-116002 EXPLOITDB html VERIFIED
Opera 11.52 - Denial of Service (PoC)
by pigtail23
EIP-2026-112863 EXPLOITDB text VERIFIED
Uiga Personal Portal - Multiple Vulnerabilities
by Eyup CELIK
EIP-2026-112698 EXPLOITDB text VERIFIED
Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-112098 EXPLOITDB text
Simple Free PHP Forum Script - SQL Injection
by Skraps
EIP-2026-110354 EXPLOITDB text VERIFIED
osCommerce - Arbitrary File Upload / File Disclosure
by indoushka
EIP-2026-107847 EXPLOITDB text VERIFIED
Innovate Portal 2.0 - 'cat' Cross-Site Scripting
by Eyup CELIK
EIP-2026-107098 EXPLOITDB text
fims File Management System 1.2.1a - Multiple Vulnerabilities
by Skraps
EIP-2026-105993 EXPLOITDB text
CMS mini 0.2.2 - Local File Inclusion
by BeopSeong/I2Sec
EIP-2026-104338 EXPLOITDB text VERIFIED
Metasploit Web UI 4.1.0 - Persistent Cross-Site Scripting
by Stefan Schurtz
EIP-2026-104085 EXPLOITDB text VERIFIED
Splunk 4.1.6 - 'segment' Cross-Site Scripting
by Filip Palian
EIP-2026-103658 EXPLOITDB text VERIFIED
Splunk 4.1.6 Web Component - Remote Denial of Service
by Filip Palian
CVE-2009-3999 EXPLOITDB ruby VERIFIED
HP Power Manager <4.2.10 - Buffer Overflow
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
by Metasploit
CVE-2011-5139 EXPLOITDB text VERIFIED
Pre Studio Business Cards Designer - SQL Injection via Page ID Parameter
SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter.
by dr_zig
EIP-2026-114529 EXPLOITDB text
Yet Another CMS 1.0 - SQL Injection / Cross-Site Scripting
by Stefan Schurtz