Text Exploits
31,346 exploits tracked across all sources.
Outline Service 1.3.3 - Privilege Escalation
Outline Service 1.3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in C:\Program Files (x86)\Outline to inject malicious code that would execute with LocalSystem permissions during service startup.
by Minh Tuan
CVSS 7.8
osTicket <1.14.2 - XSS
include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.
by Mehmet Kelepçe
CVSS 5.4
PHP-Fusion 9.03.50 - XSS
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php.
by SunCSR
CVSS 5.4
Online Scheduling System 1.0 - Persistent Cross-Site Scripting
by boku
Apache OFBiz - CSRF
Apache OFBiz 17.12.01 is vulnerable to some CSRF attacks.
by Faiz Ahmed Zaidi
CVSS 8.8
Super Backup 2.0.5 for iOS - Directory Traversal
by Vulnerability-Lab
School ERP Pro 1.0 - Info Disclosure
School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information.
by Besim
CVSS 7.5
Easy Transfer Wifi Transfer v1.7 - XSS
Easy Transfer Wifi Transfer v1.7 for iOS contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts by manipulating the oldPath, newPath, and path parameters in Create Folder and Move/Edit functions. Attackers can exploit improper input validation via POST requests to execute arbitrary JavaScript in the context of the mobile web application.
by Vulnerability-Lab
Easy Transfer 1.7 iOS - Path Traversal
Easy Transfer 1.7 iOS mobile application contains a directory traversal vulnerability that allows remote attackers to access unauthorized file system paths without authentication. Attackers can exploit the vulnerability by manipulating path parameters in GET and POST requests to list or download sensitive system files and inject malicious scripts into application parameters.
by Vulnerability-Lab
CVSS 6.2
Andrea ST Filters Service <1.0.64.7 - Code Injection
Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup.
by Roberto Piña
CVSS 7.8
Internet Download Manager 6.37.11.1 - Stack Buffer Overflow (PoC)
by Vulnerability-Lab
Druva inSync Client - OS Command Injection
Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
by Chris Lyne
CVSS 7.8
School ERP Pro 1.0 - RCE
School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary PHP files to the messaging system. Attackers can upload malicious PHP scripts through the message attachment feature, enabling remote code execution on the server.
by Besim
CVSS 9.8
School ERP Pro 1.0 - SQL Injection
School ERP Pro 1.0 contains a SQL injection vulnerability in the 'es_messagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete database information.
by Besim
CVSS 8.2
School ERP Pro 1.0 - RCE
School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the server.
by Besim
CVSS 7.2
NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path
by Roberto Piña
Netis E1+ 1.2.32533 - Info Disclosure
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcore_get.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in plain text.
by Besim
CVSS 7.5
Netis E1+ <1.2.32533 - Privilege Escalation
Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to access the device with predefined credentials. Attackers can leverage the embedded root account with a crackable password to gain full administrative access to the network device.
by Besim
CVSS 7.5
Maian Support Helpdesk <4.3 - CSRF
Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. Attackers can craft malicious HTML forms to add admin users and upload PHP files with unrestricted file upload capabilities through the FAQ attachment system.
by Besim
CVSS 5.3