Text Exploits
31,386 exploits tracked across all sources.
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting
by cakes
WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection
by Ceylan BOZOĞULLARINDAN
Apache Syncope 1.2.0-1.2.10 - Authenticated Remote Code Execution via XSLT
An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution.
by Che-Chun Kuo
CVSS 7.2
Apache Syncope 1.2.0-1.2.10 - Information Disclosure via FIQL and ORDER BY Parameters
An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters.
by Che-Chun Kuo
CVSS 4.9
Apache Pluto 3.0.0 - Exposure of Sensitive Information via File Upload Path Disclosure
The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.
by Che-Chun Kuo
CVSS 7.5
Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
by Google Security Research
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
by Google Security Research
Synametrics SynaMan 4.0 build 1488 - Insufficiently Protected SMTP Credentials
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
by bzyo
CVSS 7.8
SynaMan 4.0 build 1488 - Stored Cross-Site Scripting via Partial Branding Configuration
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
by bzyo
CVSS 4.8
MyBB 1.8.17 - Cross-Site Scripting in RSS Syndication Feed
An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS.
by 0xB9
CVSS 6.1
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 - SQL Injection
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.
by Mohamed Sayed
CVSS 7.5
Rubedo < 3.4.0 - Unauthenticated Path Traversal via Theme Component
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
by Marouene Boubakri
CVSS 9.8
Bayanno Hospital Management System 4.0 - Cross-Site Scripting
by Gokhan Sagoglu
Android 8.0-9.0 - Incorrect Authorization in SELinux crash_dump.te Permissions
In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376.
by Google Security Research
CVSS 7.8
Nmap 7.70 Denial of Service via XML Entity Expansion
Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash.
by Gionathan Reale
CVSS 6.2
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection
by hyp3rlinx
Softneta MedDream PACS Server Premium 6.7.1.1 Directory Traversal
Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers can send requests to nocache.php with encoded backslash sequences to traverse directories and access sensitive files including system configuration and password files.
by Carlos Avila
CVSS 7.5
MedDream PACS Server Premium 6.7.1.1 SQL Injection via email
MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads in the email field to extract sensitive database information from the backend MySQL database.
by Carlos Avila
CVSS 8.2
Tenable WAS-Scanner 7.4.1708 - Remote Command Execution
by Sameer Goyal
QNAP Photo Station <= 5.7.0 - Cross-Site Scripting
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
by Mitsuaki Shiraishi
CVSS 6.1
NovaRad NovaPACS Diagnostics Viewer <8.5.19.75 - XXE Injection
NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack.
by LiquidWorm
CVSS 9.8
Jorani 0.6.5 - Stored Cross-Site Scripting via Language Parameter
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.
by Javier Olmedo
CVSS 5.4
Jorani 0.6.5 - SQL Injection via Startdate or Enddate Parameter
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
by Javier Olmedo
CVSS 5.4
Endress+Hauser WirelessHART Fieldgate SWG70 3.x - Path Traversal via fcgi-bin/wgsetcgi filename Parameter
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
by Hamit CİBO
CVSS 5.3
By Source