Text Exploits
31,386 exploits tracked across all sources.
Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Missing Length Check Heap Corruption
by Google Security Research
ProjectSend r754 - Insecure Direct Object Reference
by Vulnerability-Lab
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
by Ihsan Sencan
Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' SQL Injection
by Ihsan Sencan
Joomla! Component J-HotelPortal 6.0.2 - 'review_id' SQL Injection
by Ihsan Sencan
Joomla! Component J-CruiseReservation Standard 3.0 - 'city' SQL Injection
by Ihsan Sencan
Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection
by Ihsan Sencan
Joomla! Component Eventix Events Calendar 1.0 - SQL Injection
by Ihsan Sencan
Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection
by Ihsan Sencan
Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection
by Ihsan Sencan
Adobe Flash Player < 24.0.0.194 - Remote Code Execution via FLV Codec Heap Overflow
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player < 24.0.0.194 - Use-After-Free in ActionScript 3 BitmapData
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player < 24.0.0.194 - Memory Corruption via Garbage Collection
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player < 24.0.0.194 - Remote Code Execution via MP4 Header Parsing
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Lock Photos Album&Videos Safe 4.3 - Directory Traversal
by Vulnerability-Lab
Joomla! Component PayPal IPN for DOCman 3.1 - 'id' SQL Injection
by Ihsan Sencan
Joomla! Component MaQma Helpdesk 4.2.7 - 'id' SQL Injection
by Ihsan Sencan
Mail Masta 1.0 - Authenticated SQL Injection via camp_id Parameter
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.
by Hanley Shun
CVSS 7.2
Mail Masta 1.0 - Authenticated SQL Injection via Filter List Parameter
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.
by Hanley Shun
CVSS 7.2
Mail Masta 1.0 - Unauthenticated SQL Injection via list_id Parameter
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
by Hanley Shun
CVSS 9.8
Sawmill Enterprise 8.7.9 - Authentication Bypass via Password Hash
Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash.
by hyp3rlinx
CVSS 9.8
Mail Masta 1.0 - Authenticated SQL Injection via list_id Parameter
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.
by Hanley Shun
CVSS 7.2
Joomla! Component Room Management 1.0 - SQL Injection
by Ihsan Sencan
By Source