Text Exploits
31,346 exploits tracked across all sources.
Apache Pluto < 3.0.1 - Information Disclosure
The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.
by Che-Chun Kuo
CVSS 7.5
Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
by Google Security Research
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
by Google Security Research
Synametrics Synaman - Insufficiently Protected Credentials
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
by bzyo
CVSS 7.8
Synametrics Synaman - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
by bzyo
CVSS 4.8
Mybb - XSS
An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS.
by 0xB9
CVSS 6.1
IBM Security Identity Governance And Intelligence - SQL Injection
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.
by Mohamed Sayed
CVSS 7.5
Rubedo <3.4.0 - Path Traversal
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
by Marouene Boubakri
CVSS 9.8
Bayanno Hospital Management System 4.0 - Cross-Site Scripting
by Gokhan Sagoglu
Google Android - Incorrect Authorization
In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376.
by Google Security Research
CVSS 7.8
Nmap 7.70 Denial of Service via XML Entity Expansion
Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash.
by Gionathan Reale
CVSS 6.2
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection
by hyp3rlinx
Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal
by Carlos Avila
MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection
by Carlos Avila
Tenable WAS-Scanner 7.4.1708 - Remote Command Execution
by Sameer Goyal
Qnap Photo Station < 5.7.0 - XSS
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
by Mitsuaki Shiraishi
CVSS 6.1
NovaRad NovaPACS Diagnostics Viewer <8.5.19.75 - XXE Injection
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack.
by LiquidWorm
CVSS 9.8
Jorani - XSS
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.
by Javier Olmedo
CVSS 5.4
Jorani - SQL Injection
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
by Javier Olmedo
CVSS 5.4
Endress Wirelesshart Fieldgate Swg70 Firmware - Path Traversal
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
by Hamit CİBO
CVSS 5.3
Tenda D152 - XSS
Tenda D152 ADSL routers allow XSS via a crafted SSID.
by Sandip Dey
CVSS 5.4
Logicspice FAQ Script <2.9.7 - Command Injection
Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file.
by AkkuS
CVSS 7.2
Simple POS 4.0.24 - SQL Injection
Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.
by Renos Nikolaou
CVSS 9.8
By Source