Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-107390 EXPLOITDB html VERIFIED
Getsimple CMS 2.01 - Multiple Vulnerabilities
by 10n1z3d
EIP-2026-105703 EXPLOITDB html VERIFIED
Campsite CMS 3.4.0 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
EIP-2026-103866 EXPLOITDB text VERIFIED
Asterisk Recording Interface 0.7.15/0.10 - Multiple Vulnerabilities
by TurboBorland
CVE-2010-0832 EXPLOITDB bash VERIFIED
libpam-modules <1.1.0-2ubuntu1.1/1.1.1-2ubuntu5 - Privilege Escalation
pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "user file stamps" and the motd.legal-notice file.
by anonymous
CVE-2010-2630 EXPLOITDB text VERIFIED
libtiff - Denial of Service via Malformed TIFF File
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.
by Tom Lane
EIP-2026-102366 EXPLOITDB text VERIFIED
dotDefender 4.02 - 'clave' Cross-Site Scripting
by David K
CVE-2010-2282 EXPLOITDB html
TomatoCMS 2.0.6 - Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password.
by 10n1z3d
EIP-2026-112741 EXPLOITDB html VERIFIED
TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
EIP-2026-111834 EXPLOITDB text VERIFIED
RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting
by John Leitch
EIP-2026-110340 EXPLOITDB html VERIFIED
Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
EIP-2026-109235 EXPLOITDB html VERIFIED
Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery
by 10n1z3d
EIP-2026-107259 EXPLOITDB html VERIFIED
Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities
by 10n1z3d
EIP-2026-106256 EXPLOITDB text VERIFIED
CSSTidy 1.3 - 'css_optimiser.php' Cross-Site Scripting
by John Leitch
EIP-2026-105991 EXPLOITDB python VERIFIED
CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload
by John Leitch
EIP-2026-105990 EXPLOITDB python VERIFIED
CMS Made Simple Module Antz Toolkit 1.02 - Arbitrary File Upload
by John Leitch
EIP-2026-105983 EXPLOITDB python VERIFIED
CMS Made Simple 1.8 - 'default_cms_lang' Local File Inclusion
by John Leitch
EIP-2026-102398 EXPLOITDB text VERIFIED
Mac's CMS 1.1.4 - 'SearchString' Cross-Site Scripting
by 10n1z3d
CVE-2010-4984 EXPLOITDB text VERIFIED
My Kazaam Notes Management System - SQL Injection
SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box.
by L0rd CrusAd3r
CVE-2010-2699 EXPLOITDB text VERIFIED
Edge PHP Clickbank Affiliate Marketplace Script - SQL Injection
SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter.
by L0rd CrusAd3r
EIP-2026-118675 EXPLOITDB html VERIFIED
Image22 ActiveX 1.1.1 - Remote Buffer Overflow
by blake
EIP-2026-112043 EXPLOITDB text VERIFIED
Sillaj time tracking tool - Authentication Bypass
by L0rd CrusAd3r
EIP-2026-110872 EXPLOITDB perl
PHP-Nuke 8.1.0.3.5b - Remote Command Execution
by yawn
EIP-2026-110871 EXPLOITDB perl
PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Blind SQL Injection (Benchmark Mode)
by yawn
EIP-2026-110868 EXPLOITDB perl
PHP-Nuke 8.0 -Web_Links Module - Blind SQL Injection
by yawn
CVE-2010-4985 EXPLOITDB text VERIFIED
My Kazaam Notes Management System - XSS
Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box.
by L0rd CrusAd3r