Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102055 EXPLOITDB text
TP-Link Archer CR-700 - Cross-Site Scripting
by Ayushman Dutta
EIP-2026-101385 EXPLOITDB text
NetMan 204 - Backdoor Account
by Saeed reza Zamanian
CVE-2016-20092 EXPLOITDB HIGH text
NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege
NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or system reboot, resulting in privilege escalation.
by Tulpa
CVSS 7.8
CVE-2016-20089 EXPLOITDB HIGH text
Iperius Remote 1.7.0 Unquoted Service Path Elevation of Privilege
Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be executed with elevated privileges during service startup or system reboot.
by Tulpa
CVSS 7.8
EIP-2026-117649 EXPLOITDB text
MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation
by ReWolf
EIP-2026-117429 EXPLOITDB text
Macro Expert 4.0 - Multiple Privilege Escalations
by Tulpa
EIP-2026-117122 EXPLOITDB text
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation
by zaeek
EIP-2026-108640 EXPLOITDB text
Joomla! Component Event Booking 2.10.1 - SQL Injection
by Persian Hack Team
CVE-2016-20093 EXPLOITDB HIGH text
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 Unquoted Service Path Privilege Escalation
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that execute during service startup or system reboot with elevated privileges.
by Tulpa
CVSS 7.8
EIP-2026-118210 EXPLOITDB text
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
by Tulpa
EIP-2026-103393 EXPLOITDB text VERIFIED
Adobe Flash - Video Decompression Memory Corruption
by Google Security Research
CVE-2016-4275 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.375,19.x-23.x - Memory Corruption
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
by Google Security Research
CVSS 8.8
CVE-2016-20094 EXPLOITDB HIGH text
AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege
AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during application startup or system reboot.
by Tulpa
CVSS 7.8
CVE-2016-3237 EXPLOITDB HIGH text VERIFIED
Microsoft Windows Kerberos - Authentication Bypass via NTLM Fallback
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change, aka "Kerberos Security Feature Bypass Vulnerability."
by Nabeel Ahmed
CVSS 7.5
CVE-2016-5725 EXPLOITDB MEDIUM text VERIFIED
JCraft JSch <0.1.54 - Path Traversal
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.
by tintinweb
CVSS 5.9
EIP-2026-109341 EXPLOITDB text VERIFIED
Matrimonial Website Script 1.0.2 - SQL Injection
by N4TuraL
EIP-2026-108993 EXPLOITDB text
Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities
by SEC Consult
EIP-2026-108578 EXPLOITDB text
Joomla! Component com_videogallerylite 1.0.9 - SQL Injection
by Larry W. Cashdollar
CVE-2016-7400 EXPLOITDB CRITICAL text
Exponent CMS < 2.3.9 - SQL Injection via id, title, or content_id Parameter
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action.
by Manuel García Cárdenas
CVSS 9.8
EIP-2026-100656 EXPLOITDB text
Microix Timesheet Module - SQL Injection
by Anthony Cole
CVE-2016-5309 EXPLOITDB MEDIUM text VERIFIED
Symantec Data Center Security: Server - Out-of-bounds Read in RAR File Parser
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.
by Google Security Research
CVSS 5.5
CVE-2016-3357 EXPLOITDB HIGH text VERIFIED
Microsoft Office 2007 SP3-2016, Word for Mac, SharePoint, Office Web Apps - Remote Code Execution via Crafted Document
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
by Google Security Research
CVSS 7.8
CVE-2016-5310 EXPLOITDB MEDIUM text VERIFIED
Symantec Data Center Security: Server - Out-of-bounds Write in RAR File Parser
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.
by Google Security Research
CVSS 5.5
EIP-2026-106531 EXPLOITDB text
Dolphin 7.3.0 - Error-Based SQL Injection
by Kacper Szurek
EIP-2026-117927 EXPLOITDB text
SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation
by Halil Dalabasmaz