Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-101241 EXPLOITDB text
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
by GulfTech Security
EIP-2026-103361 EXPLOITDB text VERIFIED
Apple macOS - IOHIDSystem Kernel Read/Write
by Siguza
CVE-2018-5211 EXPLOITDB CRITICAL text
PHP Melody 2.7.1 - SQL Injection via Playlist Parameter
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
by Ahmad Mahfouz
CVSS 9.8
CVE-2017-20223 EXPLOITDB CRITICAL text
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive information and access functionalities without proper access controls.
by LiquidWorm
CVSS 9.8
EIP-2026-114426 EXPLOITDB text
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
by LiquidWorm
EIP-2026-106705 EXPLOITDB text
Easy!Appointments 1.2.1 - Cross-Site Scripting
by LiquidWorm
CVE-2017-18049 EXPLOITDB MEDIUM text VERIFIED
SilverStripe < 3.5.6, 3.6.x < 3.6.3, 4.x < 4.0.1 - CSV Injection via User Profile Fields
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.
by Ishaq Mohammed
CVSS 5.5
CVE-2016-6914 EXPLOITDB HIGH text
UniFi Video < 3.8.0 - Local Privilege Escalation via Weak Installation Directory Permissions
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
by Julien Ahrens
CVSS 7.8
CVE-2017-17875 EXPLOITDB CRITICAL text
JEXTN FAQ Pro 4.0.0 - SQL Injection via id Parameter
The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17876 EXPLOITDB HIGH text
Biometric Shift EMS 3.0 - Auth Bypass
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
by Ihsan Sencan
CVSS 7.5
EIP-2026-104117 EXPLOITDB text
Vitek - Remote Command Execution / Information Disclosure (PoC)
by bashis
CVE-2017-17721 EXPLOITDB CRITICAL text
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 - SQL Injection via Multiple Parameters
CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.
by Rajwinder Singh
CVSS 9.8
CVE-2017-17759 EXPLOITDB CRITICAL text
Conarc iChannel - Unauthenticated Sensitive Information Exposure and Denial of Service via wc.dll EditConfig Request
Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration, or cause a denial of service (by deleting the configuration) via a wc.dll?wwMaint~EditConfig request (which reaches an older version of a West Wind Web Connection HTTP service).
by Information Paradox
CVSS 9.8
CVE-2017-20252 EXPLOITDB HIGH text VERIFIED
Joomla NextGen Editor 2.1.0 SQL Injection via plname Parameter
Joomla NextGen Editor 2.1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the plname parameter. Attackers can send GET requests to index.php with option=com_nge&view=config and inject malicious SQL code in the plname parameter to extract sensitive database information.
by Ihsan Sencan
CVSS 8.2
CVE-2017-17738 EXPLOITDB HIGH text
BrightSign Digital Signage <4k242 - Path Traversal
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
by Information Paradox
CVSS 7.5
CVE-2017-17737 EXPLOITDB MEDIUM text
BrightSign 4K242 Firmware < 6.2.63 - Cross-Site Scripting via REF Parameter
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
by Information Paradox
CVSS 6.1
CVE-2017-5717 EXPLOITDB HIGH text VERIFIED
Intel Graphics Driver - Privilege Escalation
Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.
by Google Security Research
CVSS 7.8
CVE-2017-17739 EXPLOITDB CRITICAL text
BrightSign 4k242 Firmware < 6.2.63 - Path Traversal and Arbitrary File Write via /storage.html rp Parameter
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
by Information Paradox
CVSS 9.8
CVE-2017-20255 EXPLOITDB HIGH text VERIFIED
Joomla! Component JB Visa 1.0 SQL Injection via visatype
Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=com_bookpro and view=popup parameters, injecting SQL commands in the visatype parameter to extract sensitive database information including credentials and table contents.
by Ihsan Sencan
CVSS 8.2
CVE-2017-20254 EXPLOITDB HIGH text
Joomla! Component User Bench 1.0 SQL Injection via userid
Joomla! Component User Bench 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the userid parameter. Attackers can send GET requests to index.php with the option=com_userbench&view=detail&userid parameter containing SQL injection payloads to extract sensitive database information including credentials and configuration data.
by Ihsan Sencan
CVSS 8.2
CVE-2017-20253 EXPLOITDB HIGH text
Joomla! Component My Projects 2.0 SQL Injection
Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari parameter. Attackers can craft requests to the component endpoint with SQL injection payloads to extract sensitive database information including credentials and system data.
by Ihsan Sencan
CVSS 8.2
CVE-2017-18048 EXPLOITDB HIGH text VERIFIED
Monstra CMS 3.0.4 - Unrestricted Upload of File with Dangerous Type via Case Bypass
Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not.
by Ishaq Mohammed
CVSS 8.8
EIP-2026-108668 EXPLOITDB text
Joomla! Component Guru Pro - 'promocode' SQL Injection
by Ihsan Sencan
EIP-2026-105861 EXPLOITDB text
Ciuis CRM 1.0.7 - SQL Injection
by Zahid Abbasi
EIP-2026-105770 EXPLOITDB text
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection
by Ihsan Sencan