Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108236 EXPLOITDB text
Joomla! Component CheckList 1.1.0 - SQL Injection
by Ihsan Sencan
CVE-2015-0179 EXPLOITDB text
IBM Domino 8.5.x-8.5.3 FP6 IF6 and 9.x-9.0.1 FP3 IF1 - Local Privilege Escalation
Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.
by ParagonSec
CVE-2017-14126 EXPLOITDB MEDIUM text
Participants Database < 1.7.5.10 - Cross-Site Scripting
The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
by Benjamin Lim
CVSS 6.1
CVE-2016-10504 EXPLOITDB MEDIUM text
OpenJPEG < 2.2.0 - Heap-Based Buffer Overflow in opj_mqc_byteout
Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
by Ke Liu
CVSS 6.5
CVE-2016-10277 EXPLOITDB HIGH text
Linux Kernel - Elevation of Privilege via Motorola Bootloader
An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33840490.
by Roee Hay
CVSS 7.8
CVE-2017-18639 EXPLOITDB MEDIUM text
Progress Sitefinity CMS <10.1 - XSS
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Parameter : Image Title, /Content/links Parameter : Link Title, /Content/links Parameter : Link Title, or /Content/Videos/LibraryVideos/default-video-library Parameter : Video Title.
by Pralhad Chaskar
CVSS 6.1
CVE-2016-1000123 EXPLOITDB CRITICAL text
Huge-IT Video Gallery v1.0.9 - SQL Injection
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
by Larry W. Cashdollar
CVSS 9.8
CVE-2016-1000125 EXPLOITDB CRITICAL text
Huge-IT Catalog <1.0.7 - SQL Injection
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
by Larry W. Cashdollar
CVSS 9.8
CVE-2016-1000124 EXPLOITDB CRITICAL text
Huge-IT Portfolio Gallery Plugin <1.0.6 - SQL Injection
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
by Larry W. Cashdollar
CVSS 9.8
CVE-2017-20257 EXPLOITDB HIGH text
Joomla! Component Quiz Deluxe 3.7.4 SQL Injection
Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flag_question task. Attackers can inject malicious SQL code via the stu_quiz_id or flag_quest parameters to manipulate database queries and extract sensitive information.
by Ihsan Sencan
CVSS 8.2
CVE-2017-15084 EXPLOITDB MEDIUM text VERIFIED
Rapid7 Metasploit < 4.14.1 - Cross-Site Request Forgery via Logout Function
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
by Dhiraj Mishra
CVSS 6.5
EIP-2026-110903 EXPLOITDB text
PHP-SecureArea < 2.7 - Multiple Vulnerabilities
by Cryo
EIP-2026-108738 EXPLOITDB text
Joomla! Component Joomanager 2.0.0 - 'com_Joomanager' Arbitrary File Download (PoC)
by Ihsan Sencan
EIP-2026-112922 EXPLOITDB text
User Login and Management - Multiple Vulnerabilities
by Ali BawazeEer
EIP-2026-107103 EXPLOITDB text
FineCMS 1.0 - Multiple Vulnerabilities
by sohaip-hackerDZ
CVE-2017-12943 EXPLOITDB CRITICAL text
D-Link DIR-600 B1 v2.x - Unauthenticated Path Traversal via __show_info.php REQUIRE_FILE Parameter
D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.
by Jithin D Kurup
CVSS 9.8
EIP-2026-101572 EXPLOITDB text
Brickcom IP Camera - Credentials Disclosure
by Emiliano Ipar
EIP-2026-114400 EXPLOITDB text
WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download
by Ihsan Sencan
EIP-2026-112227 EXPLOITDB text
Smart Chat 1.0.0 - SQL Injection
by Ihsan Sencan
EIP-2026-111941 EXPLOITDB text
Schools Alert Management Script - Authentication Bypass
by Ali BawazeEer
EIP-2026-110782 EXPLOITDB text
PHP Video Battle Script 1.0 - SQL Injection
by Ihsan Sencan
EIP-2026-110756 EXPLOITDB text
PHP Search Engine 1.0 - SQL Injection
by Ihsan Sencan
EIP-2026-110646 EXPLOITDB text
PHP Appointment Booking Script - Authentication Bypass
by Ali BawazeEer
EIP-2026-109204 EXPLOITDB text
Login-Reg Members Management PHP 1.0 - Arbitrary File Upload
by Ihsan Sencan
EIP-2026-107294 EXPLOITDB text
FTP Made Easy PRO 1.2 - SQL Injection
by Ihsan Sencan