Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-119407 EXPLOITDB text
Mirasys DVMS Workstation 5.12.6 - Path Traversal
by Onvio
CVE-2018-8214 EXPLOITDB HIGH text VERIFIED
Windows Desktop Bridge - Privilege Escalation
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208.
by Google Security Research
CVSS 7.0
CVE-2018-8208 EXPLOITDB HIGH text VERIFIED
Windows 10 and Windows Server 2016 - Elevation of Privilege via Desktop Bridge Virtual Registry
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.
by Google Security Research
CVSS 7.0
CVE-2018-12453 EXPLOITDB HIGH text
Redis < 5.0 - Denial of Service via XGROUP Command Type Confusion
Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.
by Fakhri Zulkifli
CVSS 7.5
CVE-2018-12327 EXPLOITDB CRITICAL text
NTP 4.2.8p11 - Stack-based Buffer Overflow via IPv4/IPv6 Command-line Parameter
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.
by Fakhri Zulkifli
CVSS 9.8
CVE-2018-12525 EXPLOITDB MEDIUM text
perfSONAR MaDDash <2.0.2 - Info Disclosure
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.
by ManhNho
CVSS 5.3
CVE-2018-12632 EXPLOITDB MEDIUM text
Redatam < 7 - Information Disclosure via Invalid LFN Parameter
Redatam7 (formerly Redatam WebServer) allows remote attackers to discover the installation path via an invalid LFN parameter to the /redbin/rpwebutilities.exe/text URI.
by Berk Dusunur
CVSS 5.3
CVE-2018-12631 EXPLOITDB HIGH text
Redatam < 7 - Unauthenticated Path Traversal via LFN Parameter
Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal.
by Berk Dusunur
CVSS 7.5
CVE-2018-12292 EXPLOITDB CRITICAL text
Pale Moon < 27.9.3 - Use-After-Free in DOMProxyHandler
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3.
by Berk Cem Göksel
CVSS 9.8
CVE-2018-0824 EXPLOITDB HIGH text
Microsoft Windows - Remote Code Execution via Untrusted Object Deserialization
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
by Code White
CVSS 8.8
EIP-2026-103314 EXPLOITDB text
RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery (Add Admin)
by Dolev Farhi
CVE-2018-11652 EXPLOITDB CRITICAL text
Nikto < 2.1.6 - CSV Injection via Server Field in HTTP Response Header
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.
by Adam Greenhill
CVSS 9.8
CVE-2018-12095 EXPLOITDB MEDIUM text
OEcms v3.1 - Reflected Cross-Site Scripting via info.php mod Parameter
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
by Renzi
CVSS 5.4
CVE-2018-12094 EXPLOITDB MEDIUM text
Dimofinf CMS 3.0.0 - Cross-Site Scripting via News.php ID Parameter
Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by Renzi
CVSS 5.4
CVE-2018-25353 EXPLOITDB HIGH text
Redaxo CMS Mediapool Addon 5.5.1 Arbitrary File Upload
Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accounts can upload executable files by using obfuscated extensions like php71 or php53 to evade the blacklist filter and execute arbitrary code.
by h0n1gsp3cht
CVSS 8.8
CVE-2018-10619 EXPLOITDB HIGH text
RSLinx Classic <3.90.01 - Privilege Escalation
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation.
by LiquidWorm
CVSS 7.8
CVE-2018-0982 EXPLOITDB HIGH text VERIFIED
Windows 10 and Windows Server 2016 - Elevation of Privilege via Kernel API Permission Enforcement
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
by Google Security Research
CVSS 7.0
CVE-2018-25352 EXPLOITDB HIGH text
WordPress Ultimate Form Builder Lite 1.3.7 SQL Injection via entry_id
WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the entry_id POST parameter. Attackers can send POST requests to the admin-ajax.php endpoint with the ufbl_get_entry_detail_action action to extract, modify, or escalate privileges within the WordPress database.
by defensecode
CVSS 7.1
CVE-2018-25351 EXPLOITDB HIGH text
Joomla! Component EkRishta 2.10 SQL Injection via username
Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads in the username field to extract database information including user credentials and system details.
by L0RD
CVSS 8.2
CVE-2018-5755 EXPLOITDB MEDIUM text
Open-Xchange OX App Suite <7.6.3-rev3-7.8.4-rev4 - Path Traversal
Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a full pathname in a formula in a spreadsheet.
by Open-Xchange
CVSS 5.5
CVE-2018-5754 EXPLOITDB MEDIUM text
Open-Xchange OX App Suite <7.8.3-rev12 & <7.8.4-rev9 - XSS
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to the clipboard.
by Open-Xchange
CVSS 5.4
CVE-2018-5753 EXPLOITDB MEDIUM text
Open-Xchange OX App Suite <7.6.3-7.8.4 - Info Disclosure
The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal part" of a (1) From or (2) Sender address.
by Open-Xchange
CVSS 6.5
CVE-2018-5752 EXPLOITDB HIGH text
Open-Xchange OX App Suite <7.6.3-7.8.4 - SSRF
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses.
by Open-Xchange
CVSS 8.8
CVE-2018-5751 EXPLOITDB MEDIUM text
Open-Xchange OX App Suite <7.6.3-7.8.4 - Info Disclosure
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the "groups" and "users" APIs.
by Open-Xchange
CVSS 6.5
CVE-2017-17062 EXPLOITDB MEDIUM text
Open-xchange Appsuite < 7.6.3 - XSS
The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.
by Open-Xchange
CVSS 6.5