Text Exploits

31,386 exploits tracked across all sources.

EIP-2026-108758 EXPLOITDB text
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'customfields.php' SQL Injection
by qw3rTyTy
EIP-2026-102550 EXPLOITDB text
ABC2MTEX 1.6.1 - Command Line Stack Overflow
by Carter Yagemann
CVE-2019-14804 EXPLOITDB MEDIUM text
UNA 10.0.0-RC1 - Stored Cross-Site Scripting via System Name Field in Email Template Editor
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing.
by Greg.Priest
CVSS 4.8
CVE-2019-14748 EXPLOITDB MEDIUM text VERIFIED
osTicket < 1.10.7 and 1.12.x < 1.12.1 - Unrestricted File Upload & Stored XSS via Ticket Form
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions. For example, a non-agent user can upload a .html file, and Content-Disposition will be set to inline instead of attachment.
by Aishwarya Iyer
CVSS 5.4
CVE-2019-14750 EXPLOITDB MEDIUM text VERIFIED
osTicket < 1.10.7 and 1.12.x < 1.12.1 - Stored Cross-Site Scripting in Installer Firstname/Lastname Fields
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions.
by Aishwarya Iyer
CVSS 6.1
CVE-2019-14749 EXPLOITDB HIGH text VERIFIED
osTicket < 1.10.7 and 1.12.x < 1.12.1 - Code Injection
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab, and the Issue Summary field in the tickets tab. This allows other agents to download data in a .csv file format or .xls file format. This is used as input for spreadsheet applications such as Excel and OpenOffice Calc, resulting in a situation where cells in the spreadsheets can contain input from an untrusted source. As a result, the end user who is accessing the exported spreadsheet can be affected.
by Aishwarya Iyer
CVSS 8.8
EIP-2026-108763 EXPLOITDB text
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticketreply.php' SQL Injection
by qw3rTyTy
EIP-2026-108762 EXPLOITDB text
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticket.php' Arbitrary File Deletion
by qw3rTyTy
EIP-2026-108757 EXPLOITDB text
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'cities.php' SQL Injection
by qw3rTyTy
CVE-2014-4035 EXPLOITDB text
Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 - XSS
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
by Angelo Ruwantha
CVE-2019-8690 EXPLOITDB MEDIUM text VERIFIED
iCloud < 7.13 - Universal Cross-Site Scripting via Malicious Web Content
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
by Google Security Research
CVSS 6.1
CVE-2019-14696 EXPLOITDB MEDIUM text
Open-School 3.0 and Community Edition 2.3 - Cross-Site Scripting via Guardians Create ID Parameter
Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.
by Greg.Priest
CVSS 6.1
EIP-2026-108761 EXPLOITDB text
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - SQL Injection
by qw3rTyTy
EIP-2026-108760 EXPLOITDB text
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - Arbitrary File Download
by qw3rTyTy
EIP-2026-106340 EXPLOITDB text
Daily Expense Manager 1.0 - Cross-Site Request Forgery (Delete Income)
by Mr Winst0n
CVE-2019-14346 EXPLOITDB HIGH text
Schben Adive 2.0.7 - Cross-Site Request Forgery in Admin Config
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.
by Pablo Santiago
CVSS 8.8
CVE-2019-14312 EXPLOITDB MEDIUM text
Aptana Jaxer 1.0.3.4547 - Info Disclosure
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
by Steph Jensen
CVSS 6.5
CVE-2019-14348 EXPLOITDB CRITICAL text
BearDev JoomSport <3.3 - SQL Injection
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.
by Pablo Santiago
CVSS 9.8
CVE-2019-8661 EXPLOITDB CRITICAL text VERIFIED
macOS < 10.14.6 - Remote Code Execution via Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution.
by Google Security Research
CVSS 9.8
CVE-2025-34030 EXPLOITDB CRITICAL text
sar2html <3.2.2 - Command Injection
An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to the plot parameter (e.g., ?plot=;id) in a crafted GET request. The output of the command is displayed in the application's interface after interacting with the host selection UI. Successful exploitation leads to arbitrary command execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.
by Cemal Cihad ÇİFTÇİ
EIP-2026-111754 EXPLOITDB text
Rest - Cafe and Restaurant Website CMS - 'slug' SQL Injection
by n1x_
CVE-2019-14221 EXPLOITDB MEDIUM text
1CRM On-Premise Software 8.5.7 - XSS
1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.
by Kusol Watchara-Apanukorn
CVSS 5.4
CVE-2019-25440 EXPLOITDB HIGH text
WebIncorp ERP - Unauthenticated SQL Injection via prod_id Parameter
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. Attackers can send GET requests to product_detail.php with malicious prod_id values to extract sensitive database information.
by n1x_
CVSS 8.2
CVE-2019-14427 EXPLOITDB MEDIUM text
WEB STUDIO Ultimate Loan Manager 2.0 - XSS
XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.
by Metin Yunus Kandemir
CVSS 6.1
CVE-2019-2861 EXPLOITDB MEDIUM text VERIFIED
Oracle Hyperion Planning 11.1.2.4 - XML External Entity Injection
Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion Planning. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hyperion Planning accessible data. CVSS 3.0 Base Score 4.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N).
by Lucas Dinucci
CVSS 4.2