Text Exploits
31,386 exploits tracked across all sources.
Chamilo LMS 1.11.8 - Authenticated RCE
Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute arbitrary code by accessing the uploaded files.
by Sohel Yousef
CVSS 8.8
Yoast Duplicate-Post WP <3.2.3 - XSS
Yoast Duplicate-Post WordPress Plugin 3.2.3 contains a persistent cross-site scripting vulnerability in plugin settings parameters. Attackers can inject malicious scripts into title prefix, suffix, menu order, and blacklist fields to execute arbitrary JavaScript in admin interfaces.
by Unk9vvN
CVSS 5.5
inoERP 4.15 - SQL Injection via Insecure Deserialization in download.php
download.php in inoERP 4.15 allows SQL injection through insecure deserialization.
by Semen Alexandrovich Lyhin
CVSS 9.8
citecodecrashers Pic-A-Point 1.1 - 'Consignment' SQL Injection
by cakes
all-in-one-seo-pack 3.2.7 - Persistent Cross-Site Scripting
by Unk9vvN
WordPress Server Log Viewer 1.0 - XSS
WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface.
by strider
CVSS 6.4
YzmCMS V5.3 - HTTP Host Header Injection
An HTTP Host header injection vulnerability exists in YzmCMS V5.3. A malicious user can poison a web cache or trigger redirections.
by Debashis Pal
CVSS 6.1
SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service
by Emilio Revelo
gitlabhook 0.0.17 - OS Command Injection via Repository Name
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.
by Semen Alexandrovich Lyhin
CVSS 10.0
Microsoft SharePoint Foundation - Cross-Site Scripting
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
by Davide Cioccia
CVSS 5.4
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service
by Google Security Research
iPhone OS < 12.4 - Out-of-bounds Read
An out-of-bounds read was addressed with improved input validation.
by Google Security Research
CVSS 9.8
Gila CMS < 1.11.1 - Path Traversal and Local File Inclusion via Admin File Manager
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.
by Sainadh Jamalpur
CVSS 4.9
iPhone OS < 12.3 - Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges.
by Umang Raghuvanshi
CVSS 7.8
DIGIT CENTRIS ERP - Unauthenticated SQL Injection via datum1, datum2, KID, and PID Parameters
DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these parameters to extract or modify sensitive database information.
by n1x_
CVSS 8.2
GOautodial 4.0 - Authenticated Stored Cross-Site Scripting via Event Title Parameter
GOautodial 4.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the event title parameter. Attackers can exploit the CreateEvent.php endpoint by sending crafted POST requests with XSS payloads to execute arbitrary JavaScript in victim browsers.
by cakes
CVSS 6.4
Western Digital WD My Book World - Auth Bypass
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.
by Noman Riffat
CVSS 9.8
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 - Unauthenticated 3DES Key Extraction via JUCI ACL Misconfiguration
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP.
by Gerard Fuguet
CVSS 6.5
Notepad++ < 7.7 - Remote Code Execution or Denial of Service via Crafted .ml File
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
by Bogdan Kurinnoy
CVSS 7.8
Windows 10 1703-1903 and Windows Server 1803-2019 - Privilege Escalation via AppX Deployment Server Junction Handling
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
by Gabor Seljan
CVSS 7.8
CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection
by cakes
Symantec Advanced Secure Gateway and ProxySG - Unrestricted File Upload via Management Console
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.
by Pankaj Kumar Thakur
CVSS 6.8
By Source