Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-2459 EXPLOITDB text VERIFIED
2daybiz Video Community Portal Script 1.0 - SQL Injection via videoid Parameter
SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter.
by L0rd CrusAd3r
EIP-2026-112746 EXPLOITDB text VERIFIED
Top Sites Script - SQL Injection
by L0rd CrusAd3r
EIP-2026-112644 EXPLOITDB text VERIFIED
The Uploader 2.0.4 - Remote File Disclosure
by Xa7m3d
EIP-2026-112327 EXPLOITDB text VERIFIED
SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities
by cp77fk4r
EIP-2026-112326 EXPLOITDB text VERIFIED
Softbiz Resource Repository Script - Blind SQL Injection
by Sangteamtham
EIP-2026-112322 EXPLOITDB text VERIFIED
Softbiz PHP FAQ Script - Blind SQL Injection
by Sangteamtham
EIP-2026-112286 EXPLOITDB text VERIFIED
Social Community Script - SQL Injection
by L0rd CrusAd3r
EIP-2026-111492 EXPLOITDB text VERIFIED
PreProject Multi-Vendor Shopping Malls - SQL Injection
by Sangteamtham
EIP-2026-111478 EXPLOITDB text VERIFIED
Pre PHP Classifieds - SQL Injection
by Sangteamtham
EIP-2026-110693 EXPLOITDB text
PHP Event Calendar 1.5 - Multiple Vulnerabilities
by cp77fk4r
EIP-2026-110069 EXPLOITDB text VERIFIED
Online Classified System Script - SQL Injection / Cross-Site Scripting
by L0rd CrusAd3r
CVE-2010-2457 EXPLOITDB text VERIFIED
K-Search - Cross-Site Scripting via Term Parameter
Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter.
by Sangteamtham
CVE-2010-2507 EXPLOITDB text VERIFIED
com_picasa2gallery < 1.2.8 - Path Traversal via Controller Parameter
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
by kaMtiEz
EIP-2026-108606 EXPLOITDB text VERIFIED
Joomla! Component com_ybggal 1.0 - 'catid' SQL Injection
by v3n0m
EIP-2026-108103 EXPLOITDB text VERIFIED
Job Search Script - SQL Injection
by L0rd CrusAd3r
CVE-2010-2609 EXPLOITDB text VERIFIED
2daybiz Job Search Engine Script - SQL Injection via show_search_result.php keyword parameter
SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
by L0rd CrusAd3r
EIP-2026-107641 EXPLOITDB text VERIFIED
Hot or Not Picture Rating Script - SQL Injection
by L0rd CrusAd3r
EIP-2026-107496 EXPLOITDB text VERIFIED
Greeting card 1.1 - SQL Injection
by Net.Edit0r
CVE-2010-5287 EXPLOITDB text VERIFIED
Cornerstone Technologies webConductor - SQL Injection
SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Th3 RDX
EIP-2026-105893 EXPLOITDB text VERIFIED
Classifieds Script - 'rate' SQL Injection
by L0rd CrusAd3r
EIP-2026-105121 EXPLOITDB text VERIFIED
Alpin CMS - 'e4700.asp?id' SQL Injection
by CoBRa_21
CVE-2003-0722 EXPLOITDB ruby VERIFIED
Solaris - Unauthenticated Remote Privilege Escalation via sadmind AUTH_SYS Spoofing
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
by Metasploit
CVE-2010-1199 EXPLOITDB text VERIFIED
Firefox 3.5.x-3.5.9 and 3.6.x-3.6.3 - Remote Code Execution via XSLT Node Sorting Integer Overflow
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
by Martin Barbella
EIP-2026-100627 EXPLOITDB text VERIFIED
webConductor - 'default.asp' SQL Injection
by Th3 RDX
CVE-2010-2688 EXPLOITDB text VERIFIED
Site2Nite Boat Classifieds - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the ID parameter.
by Sangteamtham