Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116122 EXPLOITDB text VERIFIED
Qt 4.6.3 - Remote Denial of Service
by Luigi Auriemma
EIP-2026-114553 EXPLOITDB text VERIFIED
YPNinc PHP Realty Script - 'docID' SQL Injection
by v3n0m
CVE-2010-4972 EXPLOITDB text VERIFIED
YPNinc JokeScript - SQL Injection via ypncat_id Parameter
SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter.
by v3n0m
CVE-2010-2689 EXPLOITDB text VERIFIED
Internet DM WebDM CMS - SQL Injection
SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS allows remote attackers to execute arbitrary SQL commands via the cf_id parameter.
by Dr.0rYX & Cr3W-DZ
CVE-2010-1327 EXPLOITDB text VERIFIED
TornadoStore <1.4.3 - SQL Injection
Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3.
by Lucas Apa
EIP-2026-111031 EXPLOITDB text VERIFIED
PHPDirector 0.30 - 'videos.php' SQL Injection
by Mr-AbdoX
CVE-2010-2616 EXPLOITDB text VERIFIED
PHP Bible Search - SQL Injection via Chapter Parameter
SQL injection vulnerability in bible.php in PHP Bible Search, probably 0.99, allows remote attackers to execute arbitrary SQL commands via the chapter parameter.
by L0rd CrusAd3r
CVE-2010-2617 EXPLOITDB text VERIFIED
PHP Bible Search - Cross-Site Scripting via Chapter Parameter
Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible Search allows remote attackers to inject arbitrary web script or HTML via the chapter parameter.
by L0rd CrusAd3r
CVE-2010-2683 EXPLOITDB text VERIFIED
Customer Paradigm PageDirector CMS - SQL Injection
SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the sub_catid parameter.
by v3n0m
EIP-2026-107474 EXPLOITDB html VERIFIED
Grafik CMS - '/admin.php' SQL Injection / Cross-Site Scripting
by High-Tech Bridge SA
CVE-2010-4979 EXPLOITDB text VERIFIED
CANDID - SQL Injection via image_id Parameter
SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
by L0rd CrusAd3r
CVE-2010-4978 EXPLOITDB text VERIFIED
CANDID - Cross-Site Scripting via image_id Parameter
Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.
by L0rd CrusAd3r
EIP-2026-105226 EXPLOITDB text VERIFIED
ArcademSX 2.904 - 'cat' Cross-Site Scripting
by Th3 RDX
EIP-2026-105111 EXPLOITDB text
Allomani Super MultiMedia 2.5 - Cross-Site Request Forgery (Add Admin)
by G0D-F4Th3r
EIP-2026-105106 EXPLOITDB text
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (1)
by G0D-F4Th3r
EIP-2026-104308 EXPLOITDB text
LIOOSYS CMS - 'news.php' SQL Injection
by GlaDiaT0R
EIP-2026-104302 EXPLOITDB text VERIFIED
Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection
by TurboBorland
CVE-2010-5029 EXPLOITDB text
ecomat_cms 5.0 - SQL Injection via Index.php Show Parameter
SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action.
by High-Tech Bridge SA
CVE-2010-1931 EXPLOITDB text VERIFIED
CubeCart 4.3.4-4.3.9 - SQL Injection via shipKey Parameter
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 through 4.3.9 allows remote attackers to execute arbitrary SQL commands via the shipKey parameter to index.php.
by Core Security
CVE-2010-2204 EXPLOITDB c VERIFIED
Adobe Acrobat and Reader 9.x < 9.3.3 and 8.x < 8.2.3 - Denial of Service or Remote Code Execution
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
by LiquidWorm
EIP-2026-102690 EXPLOITDB text VERIFIED
Mumble Murmur 1.2 - Denial of Service
by Luigi Auriemma
CVE-2010-2626 EXPLOITDB text VERIFIED
Miyabi CGI Tools SEO Links 1.02 - Remote Command Execution via fn Parameter
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party information.
by Marshall Whittaker
EIP-2026-100361 EXPLOITDB text VERIFIED
Iatek PortalApp 3.3/4.0 - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
CVE-2010-2684 EXPLOITDB text VERIFIED
Customer Paradigm PageDirector CMS - SQL Injection
SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Tr0y-x
EIP-2026-117382 EXPLOITDB c VERIFIED
Kingsoft Writer 2010 - Local Stack Buffer Overflow
by fl0 fl0w