Text Exploits
31,330 exploits tracked across all sources.
Tequila File Hosting 1.5 - Multiple Vulnerabilities
by Ashiyane Digital Security Team
Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions
by bd0rk
ArticleSetup Article Script 1.00 - SQL Injection
by Linux Zone Research Team
Microsoft Windows 10 - Access Control
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
by Google Security Research
WordPress Plugin Admin Management Xtended 2.4.0 - Privilege escalation
by Kacper Szurek
ECommerceMajor - 'productdtl.php?prodid' SQL Injection
by Rahul Pratap Singh
Bitrix <1.0.4 - Path Traversal
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.
by High-Tech Bridge SA
Bitrix <1.0.12 - Path Traversal
Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php.
by High-Tech Bridge SA
Adobe Flash Player <18.0.0.255,19.x<19.0.0.226 - RCE
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
by Google Security Research
Adobe Flash Player <18.0.0.255,19.x<19.0.0.226 - RCE
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
by Google Security Research
Polycom VVX-Series Business Media Phones - Directory Traversal
by Jake Reynolds
GoAutoDial CE 3.3 - Multiple SQL Injections / Command Injection
by R-73eN
Avast! - Integer Overflow Verifying numFonts in TTC Header
by Google Security Research
Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption
by Google Security Research
Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables
by Google Security Research
Avast! - JetDb::Ised4x Performs Unbounded Search on Input
by Google Security Research
Avast! - Heap Overflow Unpacking MoleBox Archives
by Google Security Research
Microsoft Windows 7 - Improper Input Validation
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library Parsing RCE Vulnerability."
by Eduardo Braun Prado
Microsoft Windows 7 - Information Disclosure
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
by Core Security
Microsoft Windows 7 - Improper Input Validation
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
by Google Security Research
WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
by Mysticism
By Source