Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-109692 EXPLOITDB text
MyBB 1.6 - Full Path Disclosure
by High-Tech Bridge SA
EIP-2026-109101 EXPLOITDB text VERIFIED
LES PACKS - 'ID' SQL Injection
by Cru3l.b0y
EIP-2026-108836 EXPLOITDB perl VERIFIED
Joomla! Component Projects 'com_projects' - SQL Injection / Local File Inclusion
by jos_ali_joe
CVE-2010-4185 EXPLOITDB text VERIFIED
Energine < 2.3.8 - SQL Injection via NRGNSID Cookie
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie.
by High-Tech Bridge SA
EIP-2026-106614 EXPLOITDB text VERIFIED
DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion
by High-Tech Bridge SA
EIP-2026-106373 EXPLOITDB text
DBHcms 1.1.4 - 'dbhcms_user/SearchString' SQL Injection
by High-Tech Bridge SA
CVE-2010-4870 EXPLOITDB text VERIFIED
BloofoxCMS 0.3.5 - SQL Injection via Gender Parameter
SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.
by High-Tech Bridge SA
EIP-2026-105544 EXPLOITDB text VERIFIED
BloofoxCMS 0.3.5 - Information Disclosure
by High-Tech Bridge SA
EIP-2026-105527 EXPLOITDB text
BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
CVE-2008-5751 EXPLOITDB text VERIFIED
AlstraSoft Web Email Script Enterprise - SQL Injection
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.
by Salvatore Fresta
CVE-2010-4273 EXPLOITDB text VERIFIED
DescargarVista ACC IMoveis 1.1 - SQL Injection via id Parameter
SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by EraGoN
EIP-2026-114911 EXPLOITDB perl VERIFIED
Apache 2.2 (Windows) - Local Denial of Service
by fb1h2s
EIP-2026-105464 EXPLOITDB python
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password)
by Sweet
CVE-2010-4099 EXPLOITDB html VERIFIED
NitroSecurity NitroView ESM 8.4.0a - Remote Command Execution via Request Parameter
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
by s_n
CVE-2010-4099 EXPLOITDB text
NitroSecurity NitroView ESM 8.4.0a - Remote Command Execution via Request Parameter
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
by Filip Palian
EIP-2026-118891 EXPLOITDB c VERIFIED
Microsoft Windows Vista - 'lpksetup.exe oci.dll' DLL Loading Arbitrary Code Execution
by Tyler Borland
CVE-2010-4371 EXPLOITDB python VERIFIED
Winamp < 5.6 - Buffer Overflow in in_mod Plugin via Comment Box
Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.
by Mighty-D & 7eK
EIP-2026-111328 EXPLOITDB text
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities
by David Hoyt
EIP-2026-108036 EXPLOITDB python VERIFIED
Jamb - Cross-Site Request Forgery (Add a Post)
by Stoke
CVE-2010-3585 EXPLOITDB ruby VERIFIED
Oracle VM Server Virtual Server Agent Command Injection
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of unspecified functions using XML-RPC.
by Metasploit
EIP-2026-111578 EXPLOITDB text VERIFIED
Pulse Pro 1.4.3 - Persistent Cross-Site Scripting
by Th3 RDX
CVE-2010-4869 EXPLOITDB text VERIFIED
DBHcms 1.1.4 - SQL Injection via Editmenu Parameter
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
by ZonTa
EIP-2026-119458 EXPLOITDB perl VERIFIED
AnyDVD 6.7.1.0 - Denial of Service
by Havok
EIP-2026-116148 EXPLOITDB perl VERIFIED
RarmaRadio 2.53.1 - '.m3u' Denial of Service
by anT!-Tr0J4n
EIP-2026-115395 EXPLOITDB python
HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service
by d0lc3