Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107612 EXPLOITDB text VERIFIED
HOMEPIMA Design - 'filedown.php' Local File Disclosure
by KnocKout
EIP-2026-107376 EXPLOITDB text VERIFIED
Gelsheet 1.02 - 'index.php' Cross-Site Scripting
by AutoSec Tools
EIP-2026-106968 EXPLOITDB text VERIFIED
Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion / Arbitrary File Upload
by AutoSec Tools
EIP-2026-106871 EXPLOITDB text VERIFIED
encoder 0.4.10 - 'edit.php' Cross-Site Scripting
by AutoSec Tools
EIP-2026-106850 EXPLOITDB text VERIFIED
EmbryoCore 1.03 - 'index.php' SQL Injection
by KedAns-Dz
EIP-2026-105167 EXPLOITDB html VERIFIED
Ampache 3.5.4 - 'login.php' Cross-Site Scripting
by AutoSec Tools
EIP-2026-103943 EXPLOITDB text VERIFIED
Imperva SecureSphere - SQL Query Filter Security Bypass
by @drk1wi
EIP-2026-100388 EXPLOITDB text VERIFIED
Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities
by Richard Brain
EIP-2026-107077 EXPLOITDB text VERIFIED
FestOS 2.3c - 'upload.php' Arbitrary File Upload
by KedAns-Dz
EIP-2026-107393 EXPLOITDB python VERIFIED
Getsimple CMS 3.0 - 'set' Local File Inclusion
by AutoSec Tools
EIP-2026-106656 EXPLOITDB text VERIFIED
e107 0.7.25 - 'news.php' SQL Injection
by KedAns-Dz
EIP-2026-100799 EXPLOITDB text
f-fileman 7.0 - Directory Traversal
by Raffaele Forte
EIP-2026-113035 EXPLOITDB html VERIFIED
VCalendar 1.1.5 - Cross-Site Request Forgery
by High-Tech Bridge SA
EIP-2026-111220 EXPLOITDB text VERIFIED
phpThumb - 'phpThumbDebug' Information Disclosure
by mook
EIP-2026-111039 EXPLOITDB text VERIFIED
PHPDug 2.0.0 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-114205 EXPLOITDB text VERIFIED
WordPress Plugin WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-111037 EXPLOITDB text VERIFIED
PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
EIP-2026-110687 EXPLOITDB text VERIFIED
PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting
by High-Tech Bridge SA
EIP-2026-102465 EXPLOITDB text VERIFIED
BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabilities
by Richard Brain
EIP-2026-102464 EXPLOITDB text VERIFIED
BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure
by Richard Brain
CVE-2011-10022 EXPLOITDB HIGH python VERIFIED
SPlayer < 3.7 (Build 2055) - Stack-Based Buffer Overflow via HTTP Content-Type Header
SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.
by xsploitedsec
EIP-2026-104077 EXPLOITDB python VERIFIED
sipdroid 2.2 - SIP INVITE Response User Enumeration
by Anibal Vaz Marques
EIP-2026-101503 EXPLOITDB text VERIFIED
ZyWALL USG Appliance - Multiple Vulnerabilities
by RedTeam Pentesting
EIP-2026-100571 EXPLOITDB text VERIFIED
Sothink DHTML Menu - SQL Injection
by Caddy-Dz
CVE-2011-2089 EXPLOITDB html VERIFIED
ICONICS BizViz <9.22, GENESIS32 <9.22 - RCE
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.
by sgb & bls