Text Exploits
31,364 exploits tracked across all sources.
Asustor Data Master - SQL Injection
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'album_id' or 'scope' parameter via a photo-gallery/api/album/tree_lists/ URI.
by Kyle Lovett
CVSS 9.8
IBM Sterling B2b Integrator < 5.2.6 - XSS
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141551.
by Vikas Khanna
CVSS 5.4
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
by hyp3rlinx
IBM Sterling B2b Integrator < 5.2.6.3 - XSS
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.
by Vikas Khanna
CVSS 5.4
Google Android - Path Traversal
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.
by Google Security Research
CVSS 6.8
MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating posts or threads with unvalidated subject content. Attackers can craft post subjects containing script tags that execute when other users view the attacker's profile, where liked posts are displayed without sanitization.
by 0xB9
CVSS 6.1
Synacor Zimbra Collaboration Suite < 8.6.0 - XSS
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
by Dino Barlattani
CVSS 6.1
Eldenroot Thank You/Like <3.1.0 - XSS
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin before 3.1.0 for MyBB allows XSS via a post or thread subject.
by 0xB9
CVSS 6.1
Ericsson-LG iPECS NMS 30M - Path Traversal
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
by Safak Aslan
CVSS 7.5
Osticket - Unrestricted File Upload
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content.
by Rajwinder Singh
CVSS 9.8
TP-Link Wireless N Router WR840N - Denial of Service (PoC)
by Aniket Dinda
Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR & DEP Bypass)
by Manoj Ahuje
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)
by Nainsi Gupta
Open-Audit Community 2.2.6 - XSS
Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name.
by Ranjeet Jaiswal
CVSS 6.1
Subrion CMS 4.2.1 - XSS
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
by Zeel Chavda
CVSS 6.1
Wavemaker Wavemarker Studio - SSRF
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.
by Gionathan Reale
CVSS 9.6
LAMS <3.1 - XSS
There is unauthenticated reflected cross-site scripting (XSS) in LAMS before 3.1 that allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized GET parameter during a forgotPasswordChange.jsp?key= password change.
by Nikola Kojic
CVSS 6.1
Sitecore.net - Path Traversal
An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a sitecore/shell/default.aspx?xmlcontrol=LogViewerDetails&file= URI. Validation is performed to ensure that the text passed to the 'file' parameter correlates to the correct log file directory. This filter can be bypassed by including a valid log filename and then appending a traditional 'dot dot' style attack.
by Chris
CVSS 7.5
Vuze Bittorrent Client - XXE
In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running Vuze, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
by Chris Moberly
CVSS 9.8
Plex Media Server - XXE
In Plex Media Server 1.13.2.5154, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running Plex, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
by Chris Moberly
CVSS 9.8
PHP Template Store Script 3.0.6 - XSS
PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile.
by Sarafraz Khan
CVSS 5.4
cgit < 1.2.1 - 'cgit_clone_objects()' Directory Traversal
by Google Security Research
Spirton Universal Media Server - XXE
In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running UMS, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
by Chris Moberly
CVSS 9.8
TI Online Examination System v2 - Arbitrary File Download
by AkkuS
By Source