Text Exploits

31,394 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-2574 EXPLOITDB HIGH text VERIFIED
FOSCAM IP Camera FI8620 - Info Disclosure
An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.
by Core Security
CVSS 7.5
CVE-2013-2577 EXPLOITDB text VERIFIED
XnView < 2.04 - Remote Code Execution via Crafted PCT File
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.
by Core Security
CVE-2013-3174 EXPLOITDB text
Microsoft Windows - Remote Code Execution via Crafted GIF File
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."
by Andrés Gómez Ramírez
CVE-2013-2576 EXPLOITDB text VERIFIED
Artweaver < 3.1.6 - Buffer Overflow via Crafted AWD File
Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file.
by Core Security
EIP-2026-106403 EXPLOITDB text
Dell Kace 1000 SMA 5.4.742 - SQL Injection
by Vulnerability-Lab
EIP-2026-102274 EXPLOITDB text
Photo Server 2.0 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-116477 EXPLOITDB text VERIFIED
VbsEdit 5.9.3 - '.smi' Buffer Overflow (PoC)
by d3b4g
EIP-2026-113756 EXPLOITDB text VERIFIED
WordPress Plugin FlagEm - 'cID' Cross-Site Scripting
by IeDb ir
EIP-2026-109509 EXPLOITDB text
MLM (Multi Level Marketing) Script - Multiple Vulnerabilities
by 3spi0n
EIP-2026-106057 EXPLOITDB text VERIFIED
Collabtive - Multiple Vulnerabilities
by Enrico Cinquini
EIP-2026-102536 EXPLOITDB text
Sybase EAServer 6.3.1 - Multiple Vulnerabilities
by SEC Consult
EIP-2026-101550 EXPLOITDB text
Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-101547 EXPLOITDB text
Barracuda CudaTel 2.6.02.040 - SQL Injection
by Vulnerability-Lab
EIP-2026-119359 EXPLOITDB text
Dell PacketTrap PSA 7.1 - Multiple Cross-Site Scripting Vulnerabilities
by Vulnerability-Lab
EIP-2026-119358 EXPLOITDB text
Dell PacketTrap MSP RMM 6.6.x - Multiple Cross-Site Scripting Vulnerabilities
by Vulnerability-Lab
CVE-2013-5979 EXPLOITDB text
Xibo 1.2.x < 1.2.3 and 1.4.x < 1.4.2 - Path Traversal via Index.php p Parameter
Directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php.
by Mahendra
CVE-2013-5099 EXPLOITDB text VERIFIED
Anchor CMS 0.9.1 - Cross-Site Scripting via Name Field in Comments
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions from comments.php are used by article.php.
by DURAKIBOX
EIP-2026-102315 EXPLOITDB text
WiFly 1.0 Pro iOS - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-102236 EXPLOITDB text
Flux Player 3.1.0 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-102228 EXPLOITDB text
ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
EIP-2026-101172 EXPLOITDB text VERIFIED
Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities
by Benjamin Kunz Mejri
EIP-2026-111902 EXPLOITDB text
Saurus CMS 4.7.1 - Multiple Vulnerabilities
by waraxe
EIP-2026-109377 EXPLOITDB text VERIFIED
MCImageManager - Multiple Vulnerabilities
by MustLive
EIP-2026-106402 EXPLOITDB text
Dell Kace 1000 SMA 5.4.70402 - Persistent Cross-Site Scripting
by Vulnerability-Lab
CVE-2013-2248 EXPLOITDB text VERIFIED
Apache Struts 2.0.0-2.3.15 - Open Redirect via redirect: or redirectAction: Prefix
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
by Takeshi Terada