Text Exploits

31,386 exploits tracked across all sources.

CVE-2019-5722 EXPLOITDB CRITICAL text
portier 4.4.4.2-4.4.4.6 - SQL Injection via Login and Key Ring Search Parameters
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Due to a lack of user input validation in parameter handling, it has various SQL injections, including on the login form, and on the search form for a key ring number.
by SySS GmbH
CVSS 9.8
CVE-2019-0543 EXPLOITDB HIGH text VERIFIED
Windows - Elevation of Privilege via Improper Authentication Handling
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
by Google Security Research
CVSS 7.8
CVE-2019-0574 EXPLOITDB HIGH text VERIFIED
Windows Data Sharing Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0571, CVE-2019-0572, CVE-2019-0573.
by Google Security Research
CVSS 7.8
CVE-2019-0572 EXPLOITDB HIGH text VERIFIED
Windows Data Sharing Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0571, CVE-2019-0573, CVE-2019-0574.
by Google Security Research
CVSS 7.8
CVE-2019-0573 EXPLOITDB HIGH text VERIFIED
Windows Data Sharing Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0571, CVE-2019-0572, CVE-2019-0574.
by Google Security Research
CVSS 7.8
CVE-2019-0571 EXPLOITDB HIGH text VERIFIED
Windows Data Sharing Service - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0572, CVE-2019-0573, CVE-2019-0574.
by Google Security Research
CVSS 7.8
CVE-2019-0552 EXPLOITDB HIGH text VERIFIED
Windows COM Desktop Broker - Privilege Escalation
An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
by Google Security Research
CVSS 8.8
CVE-2019-0566 EXPLOITDB HIGH text VERIFIED
Microsoft Edge - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.
by Google Security Research
CVSS 8.8
EIP-2026-112661 EXPLOITDB text
ThinkPHP 5.X - Remote Command Execution
by vr_system
EIP-2026-111704 EXPLOITDB text VERIFIED
Real Estate Custom Script 2.0 - SQL Injection
by Ihsan Sencan
EIP-2026-109540 EXPLOITDB text VERIFIED
Modern POS 1.3 - SQL Injection
by Ihsan Sencan
EIP-2026-109539 EXPLOITDB text VERIFIED
Modern POS 1.3 - Arbitrary File Download
by Ihsan Sencan
EIP-2026-109179 EXPLOITDB text VERIFIED
Live Call Support Widget 1.5 - Remote Code Execution / SQL Injection
by Ihsan Sencan
EIP-2026-108102 EXPLOITDB text VERIFIED
Job Portal Platform 1.0 - SQL Injection
by Ihsan Sencan
EIP-2026-107101 EXPLOITDB text VERIFIED
Find a Place CMS Directory 1.5 - SQL Injection
by Ihsan Sencan
EIP-2026-106232 EXPLOITDB text VERIFIED
Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection
by Ihsan Sencan
EIP-2026-105898 EXPLOITDB text
Cleanto 5.0 - SQL Injection
by Ihsan Sencan
EIP-2026-105468 EXPLOITDB text VERIFIED
Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection
by Ihsan Sencan
CVE-2018-10093 EXPLOITDB HIGH text
AudioCodes IP phone 420HD <2.2.12.126 - RCE
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
by Sysdream
CVSS 8.8
CVE-2019-25762 EXPLOITDB HIGH text VERIFIED
Joomla! Component JoomProject 1.1.3.2 Information Disclosure
Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attackers can send requests to index.php with option=com_jpprojects&view=projects&tmpl=component&format=json parameters to retrieve user IDs, names, and email addresses in JSON format.
by Ihsan Sencan
CVSS 7.5
CVE-2019-25761 EXPLOITDB HIGH text VERIFIED
Joomla! Component JoomCRM 1.1.1 SQL Injection via deal_id
Joomla! Component JoomCRM 1.1.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the deal_id parameter. Attackers can send GET requests to index.php with option=com_joomcrm&view=contacts and inject SQL code in the deal_id parameter to extract sensitive database information including table names and schemas.
by Ihsan Sencan
CVSS 7.1
EIP-2026-104935 EXPLOITDB text
Adapt Inventory Management System 1.0 - SQL Injection
by Ihsan Sencan
CVE-2019-25707 EXPLOITDB HIGH text
eBrigade ERP 4.5 SQL Injection via pdf.php
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to pdf.php with crafted SQL payloads in the 'id' parameter to extract sensitive database information including table names and schema details.
by Ihsan Sencan
CVSS 7.1
EIP-2026-112017 EXPLOITDB text
Shield CMS 2.2 - 'email' SQL Injection
by Ihsan Sencan
CVE-2018-1000888 EXPLOITDB HIGH text
PEAR Archive_Tar <1.4.3 - Code Injection
PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar file with `phar://[path_to_malicious_phar_file]` as path. Object injection can be used to trigger destruct in the loaded PHP classes, e.g. the Archive_Tar class itself. With Archive_Tar object injection, arbitrary file deletion can occur because `@unlink($this->_temp_tarname)` is called. If another class with a useful gadget is loaded, it may be possible to cause remote code execution that can result in files being deleted or possibly modified. This vulnerability appears to have been fixed in 1.4.4.
by Fariskhi Vidyan
CVSS 8.8