Text Exploits
31,337 exploits tracked across all sources.
ezStats for Battlefield 3 - '/ezStats2/compare.php' Multiple Cross-Site Scripting Vulnerabilities
by L0n3ly-H34rT
xNBD - '/tmp/xnbd.log' Insecure Temporary File Handling
by Sebastian Pipping
D-Link DIR-600 DIR-300 - Command Injection
The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to spawn a Telnet service on a specified port, enabling persistent interactive shell access as root.
by m-1-k-3
CVSS 9.8
Glossword 1.8.8-1.8.12 - RCE
Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface (gw_admin.php) allows users with administrator privileges to upload files to the gw_temp/a/ directory. Due to insufficient validation of file type and path, attackers can upload and execute PHP payloads, resulting in remote code execution.
by AkaStep
D-Link DIR-300 rev B & DIR-600 <2.13/2.14b01 - Command Injection
An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker can execute arbitrary shell commands with root privileges, allowing full takeover of the device. This includes launching services such as Telnet, exfiltrating credentials, modifying system configuration, and disrupting availability. The flaw stems from the lack of authentication and inadequate sanitation of the cmd parameter.
by m-1-k-3
CVSS 9.8
Oracle Automated Service Manager 1.3 - Installation Privilege Escalation
by Larry W. Cashdollar
Cisco Unity Express <8.0 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910.
by Jacob Holcomb
Pureftpd Pure-ftpd < 1.0.31 - Improper Input Validation
The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
by Maksymilian Arciemowicz
Simple Machine Forum 2.0.x < 2.0.4 - File Disclosure / Directory Traversal
by NightlyDev
EasyITSP - 'voicemail.php' Directory Traversal
by Michal Blaszczak
WordPress Theme flashnews - Multiple Input Validation Vulnerabilities
by MustLive
Netgear SPH200D Skype phone firmware <=1.0.4.80 - Path Traversal
A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data.
by m-1-k-3
Doryphores Audio Player < 2.0.4.5 - XSS
Cross-site scripting (XSS) vulnerability in assets/player.swf in the Audio Player plugin before 2.0.4.6 for Wordpress allows remote attackers to inject arbitrary web script or HTML via the playerID parameter.
by hiphop
Buffalo TeraStation TS-Series - Multiple Vulnerabilities
by Andrea Fabrizi
Huntcctv Dvr-04ch Firmware - Authentication Bypass
Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.
by Alejandro Ramos
CVSS 7.5
Fortinet Fortimail < 4.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via (1) the Add field for the Black List under Antispam Management User Preferences or (2) the User name field for the Personal Black/White List in the AntiSpam section.
by Vulnerability-Lab
pfSense UTM Platform 2.0.1 - Cross-Site Scripting
by Dimitris Strevinas
Dleviet Datalife Engine - Code Injection
DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.
by EgiX
By Source