Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-113953 EXPLOITDB text
WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities
by Yakir Wizman
EIP-2026-113941 EXPLOITDB text VERIFIED
WordPress Plugin oQey Headers 0.3 - SQL Injection
by Miroslav Stampar
EIP-2026-113903 EXPLOITDB text VERIFIED
WordPress Plugin MM Forms Community 1.2.3 - SQL Injection
by Miroslav Stampar
EIP-2026-113850 EXPLOITDB text VERIFIED
WordPress Plugin Js-appointment 1.5 - SQL Injection
by Miroslav Stampar
EIP-2026-113635 EXPLOITDB text VERIFIED
WordPress Plugin Collision Testimonials 3.0 - SQL Injection
by Miroslav Stampar
EIP-2026-111249 EXPLOITDB text VERIFIED
phpWebSite 1.7.1 - 'mod.php' SQL Injection
by Ehsan_Hp200
EIP-2026-119174 EXPLOITDB ruby
Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe' Remote Overflow
by Canberk BOLAT
CVE-2006-2369 EXPLOITDB ruby VERIFIED
RealVNC 4.1.1 - Unauthenticated Authentication Bypass via Insecure Security Type
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
by Metasploit
EIP-2026-115366 EXPLOITDB perl VERIFIED
Groovy Media Player 2.6.0 - '.m3u' Local Buffer Overflow (PoC)
by D3r K0n!G
EIP-2026-113954 EXPLOITDB text
WordPress Plugin Photoracer 1.0 - SQL Injection
by evilsocket
EIP-2026-109271 EXPLOITDB html VERIFIED
Mambo 4.6.5 - 'index.php' Cross-Site Request Forgery
by Caddy-Dz
EIP-2026-108074 EXPLOITDB ruby
Jcow Social Networking Script 4.2 < 5.2 - Arbitrary Code Execution (Metasploit)
by Aung Khant
EIP-2026-114578 EXPLOITDB perl VERIFIED
Zazavi 1.2.1 - '/FileManager/Controller.php' Arbitrary File Upload
by KedAns-Dz
EIP-2026-114029 EXPLOITDB text
WordPress Plugin SendIt 1.5.9 - Blind SQL Injection
by evilsocket
EIP-2026-112110 EXPLOITDB text VERIFIED
Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
by Christian Yerena
EIP-2026-117152 EXPLOITDB html VERIFIED
F-Secure (Multiple Products) - ActiveX HeapSpray Overwrite (SEH)
by 41.w4r10r
EIP-2026-113070 EXPLOITDB text VERIFIED
VicBlog - 'tag' SQL Injection
by Eyup CELIK
EIP-2026-112760 EXPLOITDB text VERIFIED
Tourismscripts Hotel Portal - 'hotel_city' HTML Injection
by Eyup CELIK
EIP-2026-107576 EXPLOITDB text
Help Desk Software 1.1g - Cross-Site Request Forgery (Add Admin)
by G13
EIP-2026-106084 EXPLOITDB text VERIFIED
CommodityRentals Real Estate Script - 'txtsearch' HTML Injection
by Eyup CELIK
EIP-2026-110225 EXPLOITDB text VERIFIED
Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
by Yassin Aboukir
EIP-2026-102499 EXPLOITDB text
ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by LiquidWorm
CVE-2011-2131 EXPLOITDB text VERIFIED
Adobe Photoshop 12.0-12.1 - Remote Code Execution via Crafted GIF File
Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Suite 5.1 (CS5.1) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GIF file.
by Francis Provencher
EIP-2026-113902 EXPLOITDB text VERIFIED
WordPress Plugin MM Duplicate 1.2 - SQL Injection
by Miroslav Stampar
EIP-2026-113225 EXPLOITDB text VERIFIED
Web Solutions Wcs2u - SQL Injection
by tempe_mendoan