Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-110801 EXPLOITDB text VERIFIED
PHP-Fusion - 'article_id' SQL Injection
by KedAns-Dz
EIP-2026-109691 EXPLOITDB text VERIFIED
MyBB 1.4/1.6 - Multiple Vulnerabilities
by MustLive
EIP-2026-107352 EXPLOITDB text VERIFIED
Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection
by kurdish hackers team
EIP-2026-106491 EXPLOITDB text
DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by LiquidWorm
CVE-2011-5025 EXPLOITDB text
Yaws 1.88 - Cross-Site Scripting via Wiki Application Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsToMe.yaws, or (4) the text parameter to editPage.yaws.
by Michael Brooks
EIP-2026-102135 EXPLOITDB text
ZO Tech Multiple Print Servers - Cross-Site Scripting
by b0telh0
EIP-2026-102065 EXPLOITDB text
TP-Link TL-PS110U / TL-PS110P - Cross-Site Scripting
by b0telh0
EIP-2026-101923 EXPLOITDB text
Planex Mini-300PU & Mini100s - Cross-Site Scripting
by b0telh0
EIP-2026-101921 EXPLOITDB text
Planet FPS-1101 - Cross-Site Scripting
by b0telh0
EIP-2026-101838 EXPLOITDB text
Longshine Multiple Print Servers - Cross-Site Scripting
by b0telh0
EIP-2026-101714 EXPLOITDB text
Encore ENPS-2012 - Cross-Site Scripting
by b0telh0
CVE-2011-10028 EXPLOITDB HIGH text VERIFIED
RealArcade 2.6.0.445 ActiveX - Exec Method Command Execution
The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse.
by rgod
EIP-2026-119083 EXPLOITDB text VERIFIED
RealNetworks RealGames StubbyUtil.ShellCtl.1 - ActiveX Control Multiple Remote Command Executions
by rgod
EIP-2026-119081 EXPLOITDB text VERIFIED
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities
by rgod
EIP-2026-118497 EXPLOITDB perl VERIFIED
EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download
by KedAns-Dz
EIP-2026-113967 EXPLOITDB text VERIFIED
WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting
by John Leitch
EIP-2026-111679 EXPLOITDB text
Rash CMS - SQL Injection
by keracker
EIP-2026-110263 EXPLOITDB text
OpenCart 1.4.9 - Multiple Local File Inclusions
by KedAns-Dz
EIP-2026-106490 EXPLOITDB text VERIFIED
DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
by LiquidWorm
EIP-2026-105389 EXPLOITDB text VERIFIED
Banner Ad Management Script - SQL Injection
by Egyptian.H4x0rz
EIP-2026-104984 EXPLOITDB text
Advanced Image Hosting 2.2 - 'index.php' SQL Injection
by keracker
EIP-2026-112386 EXPLOITDB text
spidaNews 1.0 - 'news.php?id' SQL Injection
by Easy Laster
EIP-2026-107781 EXPLOITDB text
ilchClan 1.0.5 - 'regist.php' SQL Injection
by Easy Laster
CVE-2011-1667 EXPLOITDB text VERIFIED
Anzeigenmarkt 2011 - SQL Injection via q Parameter in list Action
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action.
by Easy Laster
EIP-2026-118161 EXPLOITDB perl VERIFIED
Word List Builder - Local Buffer Overflow (SEH)
by h1ch4m