Text Exploits

31,392 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102116 EXPLOITDB text
Western Digital My Cloud 04.01.03-421/04.01.04-422 - Command Injection
by absane
CVE-2015-6922 EXPLOITDB CRITICAL text VERIFIED
Kaseya VSA <7.0.0.33, <8.0.0.23, <9.0.0.19, <9.1.0.9 - Unauthenticated RCE via File Write
Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.
by Pedro Ribeiro
CVSS 9.8
CVE-2015-6000 EXPLOITDB HIGH text
vtiger CRM < 6.3.0 - Authenticated Unrestricted File Upload and Remote Code Execution via Company Logo Upload
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/.
by Benjamin Daniel Mussler
CVSS 8.8
CVE-2016-6599 EXPLOITDB CRITICAL text
BMC Track-It! 11.4 - Info Disclosure
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the domain administrator username and password. These are encrypted with a fixed key and IV ("NumaraIT") using the DES algorithm. The domain administrator username and password can only be obtained if the Self-Service component is enabled, which is the most common scenario in enterprise deployments.
by Pedro Ribeiro
CVSS 9.8
CVE-2015-5568 EXPLOITDB text
Adobe Flash Player <18.0.0.241-11.2.202.521, Adobe AIR <19.0.0.190 ...
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors.
by Google Security Research
CVE-2015-3073 EXPLOITDB text
Adobe Reader/Acrobat <10.1.14, 11.x <11.0.11 - Auth Bypass
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3074.
by Reigning Shells
CVE-2016-1713 EXPLOITDB HIGH text
vtiger CRM 6.4.0 - Authenticated Remote Code Execution via Company Logo Upload
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000.
by Benjamin Daniel Mussler
CVSS 7.3
EIP-2026-105785 EXPLOITDB text
Centreon 2.6.1 - Multiple Vulnerabilities
by LiquidWorm
CVE-2015-7904 EXPLOITDB text
Infinite Automation Mango Automation <2.6.0 - RCE
Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file.
by LiquidWorm
EIP-2026-102281 EXPLOITDB text
Photos in Wifi 1.0.1 iOS - Arbitrary File Upload
by Vulnerability-Lab
EIP-2026-102261 EXPLOITDB text
My.WiFi USB Drive 1.0 iOS - Local File Inclusion
by Vulnerability-Lab
EIP-2026-102187 EXPLOITDB text
Telegram 3.2 - Input Length Handling Crash (PoC)
by Mohammad Reza Espargham
EIP-2026-115305 EXPLOITDB text
FreshFTP 5.52 - '.qfl' Crash (PoC)
by Un_N0n
CVE-2015-5075 EXPLOITDB text
X2Engine X2CRM < 5.0.9 - Cross-Site Request Forgery via User Creation
Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM before 5.2 allows remote attackers to hijack the authentication of administrators for requests that create an administrative account via a crafted request to index.php/users/create.
by Portcullis
CVE-2015-5074 EXPLOITDB text
X2Engine X2CRM < 5.0.8 - Authenticated Arbitrary File Upload via .pht Extension
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM before 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht extension.
by Portcullis
CVE-2015-8038 EXPLOITDB text
FortiManager < 5.2.3 - Cross-Site Scripting via sharedjobmanager or SOMServiceObjDialog
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager before 5.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sharedjobmanager or (2) SOMServiceObjDialog.
by hyp3rlinx
CVE-2015-2512 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Adobe Type Manager Library
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2507.
by Nils Sommer
CVE-2015-6009 EXPLOITDB text
Web Reference Database <0.9.6 - SQL Injection
Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issue than CVE-2015-7382.
by Mohab Ali
CVE-2015-6008 EXPLOITDB text
Web Reference Database <0.9.6 - Command Injection
install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.
by Mohab Ali
CVE-2015-7382 EXPLOITDB text
refbase < 0.9.6 - SQL Injection via defaultCharacterSet Parameter
SQL injection vulnerability in install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009.
by Mohab Ali
CVE-2015-7241 EXPLOITDB CRITICAL text
SAP NetWeaver < 7.0 - XML External Entity Injection
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01.
by Lukasz Miedzinski
CVSS 9.8
CVE-2015-1723 EXPLOITDB text VERIFIED
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Station Use After Free Vulnerability."
by Nils Sommer
CVE-2015-2507 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Adobe Type Manager Library
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2512.
by Nils Sommer
CVE-2015-2517 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Win32k Memory Corruption
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2511, CVE-2015-2518, and CVE-2015-2546.
by Nils Sommer
CVE-2015-1727 EXPLOITDB text VERIFIED
Windows Kernel-Mode Drivers - Local Privilege Escalation via Buffer Overflow
Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Pool Buffer Overflow Vulnerability."
by Nils Sommer