Text Exploits
31,386 exploits tracked across all sources.
Moderator Log Notes 1.1 - Cross-Site Request Forgery
An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
by 0xB9
CVSS 6.5
Export Users to CSV < 1.1.1 - CSV Injection
The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.
by Javier Olmedo
CVSS 8.6
pimcore < 5.3.0 - SQL Injection via REST Web Service API
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.
by SEC Consult
CVSS 6.5
pimcore < 5.3.0 - Cross-Site Request Forgery via Missing CSRF Token Validation
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
by SEC Consult
CVSS 8.8
OpenEMR < 5.0.1.4 - Authenticated Path Traversal via Patient Portal Import Template
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
by Joshua Fam
CVSS 6.5
OpenEMR < 5.0.1.4 - Authenticated Path Traversal via Patient Portal Import Template
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
by Joshua Fam
CVSS 6.5
pimcore < 5.2.3 and >=0 < 5.3.0 - Cross-Site Scripting via Multiple Input Fields
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions.
by SEC Consult
CVSS 5.4
OpenEMR < 5.0.1.4 - Authenticated Path Traversal and Arbitrary PHP File Write via Patient Portal Import Template
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed directory.
by Joshua Fam
CVSS 8.8
WebKit <2.20.3-2.20.1 - Buffer Overflow
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content.
by PeregrineX
CVSS 8.8
TP-Link TL-WR840N Firmware - Buffer Overflow via Long Authorization HTTP Header
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.
by Aniket Dinda
CVSS 7.5
ASUSTOR ADM < 3.1.2.rhg1 - Unauthenticated Remote Code Execution via script Parameter
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
by Kyle Lovett
CVSS 9.8
ASUSTOR ADM 3.1.0.RFQ3 - Use of Hard-coded Credentials
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.
by Kyle Lovett
CVSS 9.8
JioFi 4G Hotspot M2S Firmware - Denial of Service via XSS in SSID and Security Key Fields
JioFi 4G Hotspot M2S devices allow attackers to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
by Vikas Chaudhary
CVSS 6.5
ASUSTOR ADM 3.1.0.RFQ3 - SQL Injection via Photo Gallery Tree List Album ID or Scope Parameter
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'album_id' or 'scope' parameter via a photo-gallery/api/album/tree_lists/ URI.
by Kyle Lovett
CVSS 9.8
IBM Sterling B2B Integrator 5.2.0-5.2.6 - Cross-Site Scripting
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141551.
by Vikas Khanna
CVSS 5.4
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
by hyp3rlinx
IBM Sterling B2B Integrator 5.2.0.1-5.2.6.2 and Sterling File Gateway 2.2.0-2.2.5 - Cross-Site Scripting
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.
by Vikas Khanna
CVSS 5.4
Android 6.0-8.1 - Path Traversal in Utils.cpp readMetadata
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.
by Google Security Research
CVSS 6.8
MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the viewer's browser.
by 0xB9
CVSS 6.1
Zimbra Collaboration Suite < 8.6.0 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
by Dino Barlattani
CVSS 6.1
Eldenroot Thank You/Like <3.1.0 - XSS
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin before 3.1.0 for MyBB allows XSS via a post or thread subject.
by 0xB9
CVSS 6.1
Ericsson-LG iPECS NMS 30M - Path Traversal
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
by Safak Aslan
CVSS 7.5
osTicket 1.10.1 - Unrestricted Upload of File with Dangerous Type via tickets.php
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content.
by Rajwinder Singh
CVSS 9.8
By Source