Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107183 EXPLOITDB text VERIFIED
Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities
by RoAd_KiLlEr
EIP-2026-102013 EXPLOITDB text VERIFIED
Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities
by Yakir Wizman
CVE-2009-1028 EXPLOITDB ruby VERIFIED
ediSys eZip Wizard 3.0 - Stack-Based Buffer Overflow via Crafted ZIP File
Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file.
by Metasploit
EIP-2026-115228 EXPLOITDB perl VERIFIED
eXPert PDF 7.0.880.0 - '.pj' Heap Buffer Overflow
by KedAns-Dz
EIP-2026-114942 EXPLOITDB python VERIFIED
AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service
by Antu Sanadi
EIP-2026-112591 EXPLOITDB text VERIFIED
TemaTres 1.3 - '_search_expresion' Cross-Site Scripting
by AutoSec Tools
EIP-2026-111152 EXPLOITDB text
phpmychat plus 1.93 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-110337 EXPLOITDB text
OrangeHRM 2.6.3 - 'PluginController.php' Local File Inclusion
by AutoSec Tools
EIP-2026-109785 EXPLOITDB text
mySeatXT 0.1781 - SQL Injection
by AutoSec Tools
EIP-2026-106989 EXPLOITDB text VERIFIED
eyeOS 1.9.0.2 - Image File Handling HTML Injection
by Alberto Ortega
EIP-2026-112332 EXPLOITDB text
SoftMP3 - SQL Injection
by mArTi
EIP-2026-114608 EXPLOITDB text
ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header Persistent Cross-Site Scripting
by Saif
EIP-2026-113546 EXPLOITDB text VERIFIED
WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-113230 EXPLOITDB text VERIFIED
Web2Project 2.3 - SQL Injection
by AutoSec Tools
EIP-2026-112728 EXPLOITDB text VERIFIED
todoyu 2.0.8 - 'lang' Cross-Site Scripting
by AutoSec Tools
EIP-2026-111709 EXPLOITDB text VERIFIED
Realmarketing CMS - Multiple SQL Injections
by ^Xecuti0N3r
EIP-2026-109986 EXPLOITDB text VERIFIED
Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection
by KedAns-Dz
EIP-2026-107110 EXPLOITDB text VERIFIED
First Escort Marketing CMS - Multiple SQL Injections Vulnerabilities
by NoNameMT
EIP-2026-106607 EXPLOITDB text VERIFIED
DynMedia Pro Web CMS 4.0 - Local File Disclosure
by Mbah_Semar
EIP-2026-106523 EXPLOITDB text
Dolibarr ERP/CRM 3.0.0 - Multiple Vulnerabilities
by AutoSec Tools
EIP-2026-106522 EXPLOITDB text VERIFIED
Dolibarr ERP/CRM 3.0 - Local File Inclusion / Cross-Site Scripting
by AutoSec Tools
EIP-2026-104847 EXPLOITDB text VERIFIED
4Images 1.7.9 - Multiple Vulnerabilities
by High-Tech Bridge SA
EIP-2026-104835 EXPLOITDB text
360 Web Manager 3.0 - Multiple Vulnerabilities
by Ignacio Garrido
CVE-2012-2386 EXPLOITDB php
PHP <5.3.14, <5.4.4 - Buffer Overflow
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
by Alexander Gavrun
CVE-2011-10026 EXPLOITDB CRITICAL ruby VERIFIED
Spreecommerce < 0.50.x - Unauthenticated Remote Code Execution via API Search Parameter
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.
by Metasploit
CVSS 9.8