Text Exploits
31,386 exploits tracked across all sources.
FaceSentry Access Control System 6.4.8 - CSRF
FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by tricking authenticated users into loading a specially crafted webpage.
by LiquidWorm
CVSS 4.3
ZoneMinder 1.32.3 - Stored Cross-Site Scripting in Filters Page Name Field
Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page.
by Joey Lane
CVSS 5.4
CyberPower PowerPanel Business Edition 3.4.0 - Stored Cross-Site Scripting in SNMP Trap Receivers Form
A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Upon visiting the /agent/action_recipient Event Action/Recipient page, the embedded code will be executed in the browser of the victim.
by Joey Lane
CVSS 5.4
SAP Crystal Reports for Visual Studio - Cleartext Storage of Sensitive Database Credentials
The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.
by Mohamed M.Fouad
CVSS 9.8
Firefox < 60.7.1, < 67.0.3 and Thunderbird < 60.7.2 - Type Confusion via Array.pop
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
by Google Security Research
CVSS 8.8
Live Chat Unlimited 2.8.3 Stored Cross-Site Scripting
Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input field. Attackers can submit payloads containing script tags and event handlers that execute in the admin area, enabling cookie theft or forced redirects to malicious websites.
by m0ze
CVSS 6.1
hidea AZ Admin 1.0 - SQL Injection via news_det.php cod Parameter
hidea.com AZ Admin 1.0 has news_det.php?cod= SQL Injection.
by felipe andrian
CVSS 9.8
GSearch 1.0.1.0 Denial of Service via Search Input
GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.
by 0xB9
CVSS 5.5
Windows - Elevation of Privilege via ALPC Call Handling
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system.
The update addresses the vulnerability by correcting how Windows handles calls to ALPC.
by Google Security Research
CVSS 7.8
Windows Common Log File System - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.
The security update addresses the vulnerability by correcting how CLFS handles objects in memory.
by Google Security Research
CVSS 7.0
seeddms < 5.1.11 - Remote Command Execution via Unvalidated PHP File Upload
SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.
by Nimit Jain
CVSS 7.5
SeedDMS < 5.1.11 - Stored Cross-Site Scripting via Name Field
out/out.UsrMgr.php in SeedDMS before 5.1.11 allows Stored Cross-Site Scripting (XSS) via the name field.
by Nimit Jain
CVSS 5.4
SeedDMS 5.1.11 - Stored Cross-Site Scripting via Group Name
out/out.GroupMgr.php in SeedDMS 5.1.11 has Stored XSS by making a new group with a JavaScript payload as the "GROUP" Name.
by Nimit Jain
CVSS 6.1
EA Origin 10.5.36 - Remote Code Execution via Origin2 URI Handler Template Injection
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
by Metin Yunus Kandemir
CVSS 7.8
Electronic Arts Origin <10.5.39 - Code Injection
An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.
by Dominik Penner
CVSS 8.8
Sahi Pro < 8.0.0 - SQL Injection via Web Reports Module Parameter
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions.
by Goutham Madhwaraj
CVSS 9.8
Sahi Pro < 8.0.0 - Stored Cross-Site Scripting in Logs Web Interface
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS.
by Goutham Madhwaraj
CVSS 5.4
Sahi Pro < 8.0.0 - Directory Traversal in Web Reports Module
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.
by Goutham Madhwaraj
CVSS 7.5
Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 - Unauthenticated Remote Root Access via Hardcoded TELNET Credentials
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the network can login remotely to the camera and gain root access. The device ships with a hardcoded 12345678 password for the root account, accessible from a TELNET login prompt.
by Alex Akinbi
CVSS 9.8
Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 - Unauthenticated SD Card Access via HTTP Service
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device.
by Alex Akinbi
CVSS 5.5
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)
by Gushmazuko
Hosting Controller HC10 10.14 - DoS
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS.
by hyp3rlinx
CVSS 7.5
By Source