Text Exploits
31,394 exploits tracked across all sources.
FOSCAM IP Camera FI8620 - Info Disclosure
An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.
by Core Security
CVSS 7.5
XnView < 2.04 - Remote Code Execution via Crafted PCT File
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.
by Core Security
Microsoft Windows - Remote Code Execution via Crafted GIF File
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."
by Andrés Gómez Ramírez
Artweaver < 3.1.6 - Buffer Overflow via Crafted AWD File
Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file.
by Core Security
WordPress Plugin FlagEm - 'cID' Cross-Site Scripting
by IeDb ir
MLM (Multi Level Marketing) Script - Multiple Vulnerabilities
by 3spi0n
Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities
by Vulnerability-Lab
Dell PacketTrap PSA 7.1 - Multiple Cross-Site Scripting Vulnerabilities
by Vulnerability-Lab
Dell PacketTrap MSP RMM 6.6.x - Multiple Cross-Site Scripting Vulnerabilities
by Vulnerability-Lab
Xibo 1.2.x < 1.2.3 and 1.4.x < 1.4.2 - Path Traversal via Index.php p Parameter
Directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php.
by Mahendra
Anchor CMS 0.9.1 - Cross-Site Scripting via Name Field in Comments
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions from comments.php are used by article.php.
by DURAKIBOX
Flux Player 3.1.0 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities
by Vulnerability-Lab
Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities
by Benjamin Kunz Mejri
Dell Kace 1000 SMA 5.4.70402 - Persistent Cross-Site Scripting
by Vulnerability-Lab
Apache Struts 2.0.0-2.3.15 - Open Redirect via redirect: or redirectAction: Prefix
Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
by Takeshi Terada
By Source