Text Exploits
31,386 exploits tracked across all sources.
HRSALE 1.1.8 - Cross-Site Request Forgery via Employee Registration Form
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user accounts with elevated privileges.
by Ismail Akıcı
CVSS 4.3
ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path
by Roberto Piña
Appointment Booking Calendar < 1.3.35 - CSV Injection via Booking Form Fields
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name) in any booking form to be any formula, which then could be exported via the Bookings list tab in /wp-admin/admin.php?page=cpabc_appointments.php. The attacker could achieve remote code execution via CSV injection.
by Daniel Monzón
CVSS 7.8
Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
by Milad karimi
WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure
by RedTeam Pentesting GmbH
Wing FTP Server < 6.2.7 - Cross-Site Request Forgery in Web Administration Interface
Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user account without proper authorization.
by Dhiraj Mishra
CVSS 4.3
Search Meter < 2.13.2 - Remote Code Execution via CSV Injection in Search Export
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
by Daniel Monzón
CVSS 9.8
CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)
by Kevin Randall
CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
by Kevin Randall
PlaySMS 1.4.3 - Template Injection / Remote Code Execution
by Touhid M.Shaikh
BT CTROMS Terminal OS Port Portal CT-464 - Info Disclosure
An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp request, this token is transmitted not only to the registered phone number of the user account, but is also transmitted to the unauthenticated HTTP client.
by AkkuS
CVSS 8.1
Persian VIP Download Script 1.0 - SQL Injection via cart_edit.php active parameter
Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit.php active parameter.
by Amir Hossein Vafifar
CVSS 9.8
60CycleCMS 2.5.2 - Cross-Site Scripting via news.php GET Parameters
60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browsers. This issue does not involve SQL injection.
by Unkn0wn
CVSS 6.1
60CycleCMS 2.5.2 - SQL Injection via News Title Parameter
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modify database contents. This issue does not involve cross-site scripting.
by Unkn0wn
CVSS 8.2
Sapplica Sentrifugo 3.2 - Blind SQL Injection via HolidaydatesController addAction Function
A Blind SQL Injection issue was discovered in Sapplica Sentrifugo 3.2 via the index.php/holidaygroups/add id parameter because of the HolidaydatesController.php addAction function.
by minhnb
CVSS 6.5
SpyHunter 4 - Unquoted Service Path Privilege Escalation
SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access during service startup.
by Alejandro Reyes
CVSS 7.8
Iskysoft Application Framework Service 2.4.3.241 - Code Injection
Iskysoft Application Framework Service 2.4.3.241 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that would be run with the service's high-level system permissions.
by Alejandro Reyes
CVSS 7.8
Deep Instinct Windows Agent 1.2.29.0 - Privilege Escalation
Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepMgmtService.exe to inject malicious code that would execute with LocalSystem permissions during service startup.
by Oscar Flores
CVSS 7.8
ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path
by Oscar Flores
UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read
by NgoAnhDuc
GUnet OpenEclass 1.7.3 - Improper Access Control via phpMyAdmin Remote Login
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise.
by emaragkos
CVSS 8.8
By Source