Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-106435 EXPLOITDB text
DGNews 2.1 - SQL Injection
by kalashnikov
EIP-2026-105229 EXPLOITDB text
ardeaCore 2.25 - PHP Framework Remote File Inclusion
by n0n0x
EIP-2026-101249 EXPLOITDB text VERIFIED
DD-WRT 24-preSP2 - Information Disclosure
by Craig Heffner
CVE-2010-4701 EXPLOITDB php VERIFIED
Microsoft Windows Fax Services Cover Page Editor <5.2 r2 - RCE
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information.
by rgod
EIP-2026-110279 EXPLOITDB php VERIFIED
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage
by Michael Brooks
EIP-2026-107657 EXPLOITDB text VERIFIED
HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection
by non customers
CVE-2010-4693 EXPLOITDB html VERIFIED
Coppermine Photo Gallery <1.5.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
by waraxe
CVE-2010-4693 EXPLOITDB text VERIFIED
Coppermine Photo Gallery <1.5.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
by waraxe
EIP-2026-115851 EXPLOITDB python VERIFIED
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service
by JohnLeitch
EIP-2026-113236 EXPLOITDB text VERIFIED
Web@all 1.1 - Remote Admin Settings Change
by Giuseppe D'Inverno
EIP-2026-111334 EXPLOITDB text VERIFIED
Pligg CMS 1.1.3 - 'range' SQL Injection
by Dr.NeT
EIP-2026-110536 EXPLOITDB html
pecio CMS 2.0.5 - Cross-Site Request Forgery (Add Admin)
by P0C T34M
EIP-2026-110287 EXPLOITDB text
OpenEMR 3.2.0 - SQL Injection / Cross-Site Scripting
by blake
CVE-2010-4276 EXPLOITDB text VERIFIED
LiveZilla 3.2.0.2 - Cross-Site Scripting via livezilla Parameter in server.php
Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php.
by Ulisses Castro
EIP-2026-100083 EXPLOITDB text VERIFIED
Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service
by Pouya Daneshmand
CVE-2010-5301 EXPLOITDB python VERIFIED
Kolibri 2.0 - Remote Code Execution via Long URI in HEAD Request
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD request.
by TheLeader
EIP-2026-107880 EXPLOITDB text VERIFIED
Interact 2.4.1 - SQL Injection
by IR Security
EIP-2026-106246 EXPLOITDB text VERIFIED
CruxCMS 3.0 - Multiple Input Validation Vulnerabilities
by ToXiC
CVE-2003-1141 EXPLOITDB ruby VERIFIED
NIPrint 4.10 - Remote Code Execution via Long String to TCP Port 515
Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.
by Metasploit
EIP-2026-112945 EXPLOITDB text
Vacation Rental Script 4.0 - Cross-Site Request Forgery
by OnurTURKESHAN
EIP-2026-112778 EXPLOITDB text
Traidnt Up 3.0 - Cross-Site Request Forgery
by P0C T34M
EIP-2026-112290 EXPLOITDB text
Social Engine 4.x (Music Plugin) - Arbitrary File Upload
by MyDoom
EIP-2026-111333 EXPLOITDB text
Pligg CMS 1.1.2 - Blind SQL Injection / Cross-Site Scripting
by Michael Brooks
EIP-2026-110247 EXPLOITDB text
openauto 1.6.3 - Multiple Vulnerabilities
by Michael Brooks
EIP-2026-109220 EXPLOITDB text VERIFIED
LoveCMS 1.6.2 Final - Multiple Local File Inclusions
by cOndemned