Text Exploits
31,386 exploits tracked across all sources.
Web Ofisi Firma Rehberi v1 - SQL Injection
Web Ofisi Firma Rehberi v1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can send requests to with malicious payloads in the 'il', 'kat', or 'kelime' parameters to extract sensitive database information or perform time-based blind SQL injection attacks.
by Ahmet Ümit BAYRAM
CVSS 9.8
Web Ofisi Firma v13 - SQL Injection
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz[]' values using time-based blind SQL injection payloads to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 7.5
Web-ofisi Emlak v2 - Unauthenticated SQL Injection via 'ara' GET Parameter
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or cause denial of service.
by Ahmet Ümit BAYRAM
CVSS 9.1
Web Ofisi E-Ticaret v3 - SQL Injection
Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'a' parameter. Attackers can send GET requests to with malicious 'a' parameter values to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 7.5
REDCap 8.0-8.10.2 - Stored Cross-Site Scripting in Admin Panel and Survey System
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
by Alexandre ZANNI
CVSS 4.8
Windows RPCSS - Authenticated Privilege Escalation via Improper RPC Request Handling
An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by correcting how rpcss.dll handles these requests., aka 'Windows RPCSS Elevation of Privilege Vulnerability'.
by Google Security Research
CVSS 7.8
WordPress Plugin OneSignal 1.17.5 - 'subdomain' Persistent Cross-Site Scripting
by LiquidWorm
MAPLE WBT SNMP Admin <2.0.195.15 - Buffer Overflow
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987.
by hyp3rlinx
CVSS 9.8
Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting
by Sarath Nair
Linux Polkit pkexec helper PTRACE_TRACEME local root exploit
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
by Google Security Research
CVSS 7.8
Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection
by hyp3rlinx
Webpanel - Information Disclosure
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.
by Pongtorn Angsuchotmetee_ Nissana Sirijirakal_ Narin Boonwasanarak
CVSS 5.3
Webpanel - Unrestricted File Upload
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
by Pongtorn Angsuchotmetee_ Nissana Sirijirakal_ Narin Boonwasanarak
CVSS 7.5
CentOS Web Panel 0.9.8.838-0.9.8.846 - Auth Bypass
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.
by Pongtorn Angsuchotmetee
CVSS 8.8
FlightPath 4.x-5.0.x - Path Traversal and Local File Inclusion via form_include Parameter
FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in system_handle_form_submit in modules/system/system.module.
by Mohammed Althibyani
CVSS 5.3
Netgear WiFi Router JWNR2010v5 / R6080 - Authentication Bypass
by Wadeek
Cisco Small Business 200, 300, and 500 Series Switches - Unauthenticated Open Redirect via HTTP Request Parameter
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.
by Ramikan
CVSS 4.7
Android 7.0-9 - Out-of-bounds Write in ihevcd_parse_pps
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.
by Marcin Kozlowski
CVSS 8.8
Windows - Security Feature Bypass via NETLOGON Message Session Key Exposure
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.
To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another machine using the original user privileges.
The issue has been addressed by changing how NTLM validates network authentication messages.
by Google Security Research
CVSS 8.5
Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData
by Google Security Research
MyT 1.5.1 Username - Cross-Site Scripting
In MyT 1.5.1, the User[username] parameter has XSS.
by Metin Yunus Kandemir
CVSS 6.1
Jenkins Dependency Graph Viewer Plugin < 0.13 - Stored Cross-Site Scripting
A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins.
by Ishaq Mohammed
CVSS 5.4
Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting
by ABDO10
Sitecore XP 9.0.171002 Authenticated Stored XSS in Media Library
In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. An authenticated unprivileged user can modify the uploaded file extension parameter to inject arbitrary JavaScript.
by Owais Mehtab
CVSS 5.4
By Source