Text Exploits
31,346 exploits tracked across all sources.
Wikidforum - SQL Injection
WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter.
by seccops
CVSS 9.8
Seqrite End Point Security <7.4 - Privilege Escalation
Seqrite End Point Security v7.4 has "Everyone: (F)" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
by Hashim Jawad
CVSS 7.8
Artifex Ghostscript < 9.25 - Error Information Exposure
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.
by Google Security Research
CVSS 8.6
net-snmp <5.7.2 - DoS
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
by Magnus Klaaborg Stubman
CVSS 7.5
Net-snmp < 5.8 - NULL Pointer Dereference
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
by Magnus Klaaborg Stubman
CVSS 6.5
Google Android - Memory Corruption
In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111641492 References: N/A
by Google Security Research
CVSS 7.8
FLIR thermal traffic cameras - Info Disclosure
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without authentication.
by LiquidWorm
CVSS 7.5
Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting
by cakes
D-Link Central WiFi Manager <1.03r0100-Beta1 - RCE
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code.
by Core Security
CVSS 8.8
D-Link Central WiFi Manager <1.03r0100-Beta1 - XSS
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS.
by Core Security
CVSS 6.1
D-Link Central WiFi Manager <1.03r0100-Beta1 - RCE
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP code by uploading any file in the web root directory and then accessing it via a request.
by Core Security
CVSS 9.8
D-Link Central WiFi Manager <1.03r0100-Beta1 - XSS
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS.
by Core Security
CVSS 6.1
Malicious Git HTTP Server For CVE-2018-17456
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
by Junio C Hamano
CVSS 9.8
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)
by cakes
Layerbb - SQL Injection
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
by Ihsan Sencan
CVSS 9.8
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
by vr_system
AirTies Air 5343v2 <1.0.0.18 - XSS
AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
by Ismail Tasdelen
CVSS 6.1
AirTies Air 5442 <1.0.0.18 - XSS
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
by Ismail Tasdelen
CVSS 6.1
AirTies Air 5021 <1.0.0.18 - XSS
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
by Ismail Tasdelen
CVSS 6.1
AirTies Air 5750 <1.0.0.18 - XSS
AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
by Ismail Tasdelen
CVSS 6.1
Jimtawl 2.2.7 - SQL Injection
SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via the id parameter.
by Ihsan Sencan
CVSS 9.8
RICOH MP C307 - XSS
On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
by Ismail Tasdelen
CVSS 6.1
By Source