Text Exploits
31,329 exploits tracked across all sources.
Joomla! Component JO Facebook Gallery 4.5 - SQL Injection
by Ihsan Sencan
Joomla! Component Community Surveys 4.3 - SQL Injection
by Ihsan Sencan
Joomla! Component Community Quiz 4.3.5 - SQL Injection
by Ihsan Sencan
Joomla! Component Community Polls 4.5.0 - SQL Injection
by Ihsan Sencan
Joomla! Component AJAX Search for K2 2.2 - SQL Injection
by Ihsan Sencan
NetGain Enterprise Manager 7.2.562 - 'Ping' Command Injection
by MrChaZ
EasyCom SQL iPlug - DoS
EasyCom SQL iPlug allows remote attackers to cause a denial of service via the D$EVAL parameter to the default URI.
by hyp3rlinx
CVSS 7.5
EasyCom for PHP 4.0.0.29 - Buffer Overflow
Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (3) i5_private_connect API function.
by hyp3rlinx
CVSS 9.8
Joomla! Component RealEstateManager 3.9 - SQL Injection
by Ihsan Sencan
Joomla! Component MediaLibrary Basic 3.5 - SQL Injection
by Ihsan Sencan
Joomla! Component ContentMap 1.3.8 - 'contentid' SQL Injection
by Ihsan Sencan
Teradici Management Console 2.2.0 - Privilege Escalation
by hantwister
Dlink Dcs-2230l Firmware < 1.03.01 - CSRF
D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access and/or change the device's settings via a CSRF attack. This is because of the 'allow-access-from domain' child element set to *, thus accepting requests from any domain. If a victim logged into the camera's web console visits a malicious site hosting a malicious Flash file from another Browser tab, the malicious Flash file then can send requests to the victim's DCS series Camera without knowing the credentials. An attacker can host a malicious Flash file that can retrieve Live Feeds or information from the victim's DCS series Camera, add new admin users, or make other changes to the device. Known affected devices are DCS-933L with firmware before 1.13.05, DCS-5030L, DCS-5020L, DCS-2530L, DCS-2630L, DCS-930L, DCS-932L, and DCS-932LB1.
by SlidingWindow
CVSS 8.8
Microsoft Office PowerPoint 2010 - MSO/OART Heap Out-of-Bounds Access
by Google Security Research
Microsoft Office PowerPoint 2010 - GDI 'GDI32!ConvertDxArray' Insufficient Bounds Check
by Google Security Research
Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Missing Length Check Heap Corruption
by Google Security Research
ProjectSend r754 - Insecure Direct Object Reference
by Vulnerability-Lab
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
by Ihsan Sencan
Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' SQL Injection
by Ihsan Sencan
By Source