Text Exploits
31,386 exploits tracked across all sources.
OPNsense 19.1 - Reflected Cross-Site Scripting via vpn_ipsec_settings.php passthrough_networks Parameter
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthrough_networks parameter in vpn_ipsec_settings.php. Attackers can craft POST requests with JavaScript payloads in the passthrough_networks parameter to execute arbitrary code in users' browsers.
by Ozer Goker
CVSS 6.1
OPNsense 19.1 - Authenticated Stored Cross-Site Scripting via Firewall Rules Category Parameter
OPNsense 19.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the category parameter. Attackers can send POST requests to firewall_rules_edit.php with script payloads in the category field to execute arbitrary JavaScript in the browsers of other users accessing firewall rule pages.
by Ozer Goker
CVSS 6.4
OPNsense 19.1 - Unauthenticated Reflected Cross-Site Scripting via diag_traceroute.php Host Parameter
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation in the host parameter. Attackers can submit crafted payloads through POST requests to diag_traceroute.php to execute arbitrary JavaScript in the context of a user's browser session.
by Ozer Goker
CVSS 6.1
OPNsense 19.1 - Reflected Cross-Site Scripting via interfaces_vlan_edit.php Parameters
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input through multiple parameters. Attackers can send POST requests to interfaces_vlan_edit.php with script payloads in the tag, descr, or vlanif parameters to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
OPNsense 19.1 - Stored Cross-Site Scripting via System Advanced Sysctl Tunable Parameter
OPNsense 19.1 contains a stored cross-site scripting vulnerability in the system_advanced_sysctl.php endpoint that allows attackers to inject persistent malicious scripts via the tunable parameter. Attackers can submit POST requests with script payloads that are stored and executed in the context of authenticated user sessions when the page is viewed.
by Ozer Goker
CVSS 6.4
OPNsense 19.1 - Cross-Site Scripting via diag_backup.php Parameters
OPNsense 19.1 contains multiple cross-site scripting vulnerabilities in the diag_backup.php endpoint that allow attackers to inject malicious scripts through multiple parameters including GDrive_GDriveEmail, GDrive_GDriveFolderID, GDrive_GDriveBackupCount, Nextcloud_url, Nextcloud_user, Nextcloud_password, Nextcloud_password_encryption, and Nextcloud_backupdir. Attackers can submit POST requests with script payloads in these parameters to execute arbitrary JavaScript in the context of authenticated administrator sessions.
by Ozer Goker
CVSS 5.4
OPNsense 19.1 - Unauthenticated Reflected Cross-Site Scripting via diag_ping.php Host Parameter
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation in the host parameter. Attackers can submit crafted POST requests to the diag_ping.php endpoint with script payloads in the host parameter to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
Android - Use-After-Free in binder.c
In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025789.
by Google Security Research
CVSS 7.8
Android - Use-After-Free in Binder Allocator
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.
by Google Security Research
CVSS 7.8
IPFire 2.21 Core Update 127 - Reflected Cross-Site Scripting via updatexlrator.cgi Parameters
IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAX_DISK_USAGE or MAX_DOWNLOAD_RATE parameters to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
IPFire 2.21 Core Update 127 - Reflected Cross-Site Scripting in fwhosts.cgi via Multiple Parameters
IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the fwhosts.cgi script that allow attackers to inject malicious scripts through multiple parameters including HOSTNAME, IP, SUBNET, NETREMARK, HOSTREMARK, newhost, grp_name, remark, SRV_NAME, SRV_PORT, SRVGRP_NAME, SRVGRP_REMARK, and updatesrvgrp. Attackers can submit POST requests with script payloads in these parameters to execute arbitrary JavaScript in the context of authenticated users' browsers.
by Ozer Goker
CVSS 5.4
IPFire 2.21 Core Update 127 - Stored Cross-Site Scripting via extrahd.cgi FS PATH and UUID Parameters
IPFire 2.21 Core Update 127 contains multiple stored cross-site scripting vulnerabilities in the extrahd.cgi script that allow attackers to inject malicious scripts through the FS, PATH, and UUID parameters. Attackers can submit POST requests with script payloads in these parameters to execute arbitrary JavaScript in the context of authenticated administrator sessions.
by Ozer Goker
CVSS 6.4
IPFire 2.21 Core Update 127 - Cross-Site Scripting via ovpnmain.cgi VPN Configuration Parameters
IPFire 2.21 Core Update 127 contains multiple cross-site scripting vulnerabilities in the ovpnmain.cgi script that allow attackers to inject malicious scripts through VPN configuration parameters. Attackers can submit POST requests with script payloads in parameters like VPN_IP, DMTU, ccdname, ccdsubnet, DOVPN_SUBNET, DHCP_DOMAIN, DHCP_DNS, DHCP_WINS, ROUTES_PUSH, FRAGMENT, KEEPALIVE_1, and KEEPALIVE_2 to execute arbitrary JavaScript in administrator browsers.
by Ozer Goker
CVSS 6.1
IPFire 2.21 Core Update 127 - Reflected Cross-Site Scripting via hosts.cgi Parameters
IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or DOM parameters to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4 Stored XSS via HOSTNAME/KEYMAP/OPENNESS Parameters
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payloads to preferences.cgi to store malicious code that executes in the browsers of users accessing the preferences page.
by Ozer Goker
CVSS 7.2
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Stored Cross-Site Scripting in modem.cgi
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted payloads in parameters like INIT, HANGUP, SPEAKER_ON, SPEAKER_OFF, TONE_DIAL, and PULSE_DIAL to execute arbitrary JavaScript in users' browsers when the stored data is retrieved.
by Ozer Goker
CVSS 7.2
Smoothwall Express 3.1-SP4 - Unauthenticated XSS via smoothinfo.cgi WRAP/SECTIONTITLE
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation. Attackers can submit POST requests to the smoothinfo.cgi endpoint with script payloads in the WRAP or SECTIONTITLE parameters to execute arbitrary JavaScript in victim browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Unauthenticated Reflected Cross-Site Scripting via IP Parameter
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the IP parameter. Attackers can send POST requests to the iptools.cgi endpoint with script payloads in the IP parameter to execute arbitrary JavaScript in victim browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Reflected Cross-Site Scripting in interfaces.cgi
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the interfaces.cgi script that allow attackers to inject malicious scripts through multiple parameters including GREEN_ADDRESS, GREEN_NETMASK, RED_DHCP_HOSTNAME, RED_ADDRESS, DNS1_OVERRIDE, DNS2_OVERRIDE, RED_MAC, RED_NETMASK, DEFAULT_GATEWAY, DNS1, and DNS2. Attackers can craft POST requests to interfaces.cgi with script payloads in these parameters to execute arbitrary JavaScript in the context of authenticated administrator sessions.
by Ozer Goker
CVSS 5.4
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Unauthenticated Reflected Cross-Site Scripting via MACHINES Parameter
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the MACHINES parameter. Attackers can craft requests to the timedaccess.cgi endpoint with script payloads in the MACHINES parameter to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Reflected XSS via ipblock.cgi SRC_IP/COMMENT
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject script tags through the SRC_IP and COMMENT parameters in POST requests to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4 Unauthenticated XSS via xtaccess.cgi
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the xtaccess.cgi endpoint. Attackers can inject script payloads through the EXT, DEST_PORT, or COMMENT parameters via POST requests to execute arbitrary JavaScript in victim browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4-polar-x86_64-update9 - Reflected Cross-Site Scripting via dmzholes.cgi Parameters
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRC_IP, DEST_IP, or COMMENT parameters to execute arbitrary JavaScript in users' browsers.
by Ozer Goker
CVSS 6.1
Smoothwall Express 3.1-SP4 Reflected XSS via MACHINE/MACHINECOMMENT
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the MACHINE and MACHINECOMMENT parameters. Attackers can send POST requests to the outgoing.cgi endpoint with script payloads to execute arbitrary JavaScript in users' browsers and steal session data.
by Ozer Goker
CVSS 6.1
By Source