Text Exploits
31,364 exploits tracked across all sources.
Hycus Cms - Authentication Bypass
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.
by Berk Dusunur
CVSS 9.8
DIGISOL DG-HR3400 - XSS
DIGISOL DG-HR3400 devices have XSS via a modified SSID when the apssid value is unchanged.
by Adipta Basu
CVSS 6.1
Hongcms - SQL Injection
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
by Hzllaga
CVSS 7.2
WordPress Core < 4.9.6 - (Authenticated) Arbitrary File Deletion
by VulnSpy
PoDoFo 0.9.5 - DoS
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
by r4xis
CVSS 8.8
Foxit PDF Reader Pointer Overwrite UAF
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380.
by mr_me
CVSS 6.5
Ecessa Edge EV150 10.7.4 - CSRF
Ecessa Edge EV150 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web page with a form that submits requests to the /cgi-bin/pl_web.cgi/util_configlogin_act endpoint to add superuser accounts with arbitrary credentials.
by LiquidWorm
CVSS 5.3
Ecessa WANWorx WVR-30 <10.7.4 - CSRF
Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an authenticated administrator into loading the page.
by LiquidWorm
CVSS 4.3
Ecessa ShieldLink SL175EHQ 10.7.4 - CSRF
Ecessa ShieldLink SL175EHQ 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web page with a hidden form to add a superuser account by tricking a logged-in administrator into loading the page.
by LiquidWorm
CVSS 5.3
Intex N150 - CSRF
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.
by Samrat Das
CVSS 8.8
Intex N150 - CSRF
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.
by Samrat Das
CVSS 8.8
Intex N150 - Info Disclosure
An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability, an attacker can upload any malicious file and force reboot the router with it.
by Samrat Das
CVSS 8.1
Foxitsoftware Foxit Reader < 9.0.1.1049 - Use After Free
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.
by mr_me
CVSS 8.8
iThemes Security <7.0.3 - SQL Injection
The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.
by Çlirim Emini
CVSS 7.2
WordPress Comments Import & Export <2.0.4 - Code Injection
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
by Bhushan B. Patil
CVSS 7.8
WordPress <1.5.4 - Code Injection
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.
by Bhushan B. Patil
CVSS 7.8
Linux Kernel < 4.17.2 - Denial of Service
In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.
by Google Security Research
CVSS 4.9
Ecessa Shieldlink Sl175ehq Firmware - CSRF
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
by LiquidWorm
CVSS 8.8
Digisol DG- BR4000NG - XSS
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
by Adipta Basu
CVSS 6.1
AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)
by Wadeek
DIGISOL DG-BR4000NG - Buffer Overflow
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
by Adipta Basu
CVSS 9.8
phpLDAPadmin 1.2.2 - SQL Injection
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.
by Berk Dusunur
CVSS 9.8
phpMyAdmin 4.8.x <4.8.2 - Code Injection
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
by VulnSpy
CVSS 8.8
GreenCMS 2.3.0603 - Info Disclosure
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.
by vr_system
CVSS 7.5
By Source