Text Exploits
31,386 exploits tracked across all sources.
WolfSight CMS 3.2 - SQL Injection via PATH_INFO
WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI.
by Berk Dusunur
CVSS 9.8
Call of Duty Modern Warfare 2 < 2018-04-26 - Remote Code Execution via Stack-Based Buffer Overflow
Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.
by Maurice Heumann
CVSS 10.0
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting
by Ahmed Elhady Mohamed
Airties 5444 and 5444TT Firmware 1.0.0.18 - Cross-Site Scripting
Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.
by Raif Berkay Dincel
CVSS 6.1
SoftExpert Excellence Suite 2.0 - Authenticated SQL Injection via cddocument Parameter
A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section.
by Seren PORSUK
CVSS 8.8
Adbglobal Dv2210 Firmware - Incorrect Authorization
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.
by SEC Consult
CVSS 7.5
Adbglobal Dv2210 Firmware - Incorrect Permission Assignment
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
by SEC Consult
CVSS 7.5
Epicentro - Privilege Escalation
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
by SEC Consult
CVSS 7.8
ShopNx through 2017-11-17 - Unrestricted Upload of File with Dangerous Type
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
by L0RD
CVSS 8.8
Brynamics - Exposure of Sensitive Information via Direct Request to /dashboard/deposit
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.
by L0RD
CVSS 9.8
Dolibarr ERP CRM 7.0.3 Remote Code Evaluation via install/step1.php
Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the db_name parameter, then execute commands via the check.php endpoint using the cmd GET parameter.
by om3rcitak
CVSS 9.8
SIPp 3.6 Local Buffer Overflow via Command-line Arguments
SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -log_file parameters, causing strcpy to write beyond buffer boundaries in sipp.cpp.
by Fakhri Zulkifli
CVSS 8.4
Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection
by hyp3rlinx
Hycus CMS 1.0.4 - Authentication Bypass via '=' 'OR' Credentials
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.
by Berk Dusunur
CVSS 9.8
DIGISOL DG-HR3400 Firmware - Stored Cross-Site Scripting via SSID Parameter
DIGISOL DG-HR3400 devices have XSS via a modified SSID when the apssid value is unchanged.
by Adipta Basu
CVSS 6.1
HongCMS 3.0.0 - SQL Injection via Database Empty Table URI Parameter
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
by Hzllaga
CVSS 7.2
WordPress Core < 4.9.6 - (Authenticated) Arbitrary File Deletion
by VulnSpy
PoDoFo 0.9.5 - Denial of Service via Infinite Loop in PdfParserObject
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
by r4xis
CVSS 8.8
Foxit PDF Reader Pointer Overwrite UAF
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380.
by mr_me
CVSS 6.5
Ecessa Edge EV150 10.7.4 - Unauthenticated Cross-Site Request Forgery via /cgi-bin/pl_web.cgi/util_configlogin_act
Ecessa Edge EV150 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web page with a form that submits requests to the /cgi-bin/pl_web.cgi/util_configlogin_act endpoint to add superuser accounts with arbitrary credentials.
by LiquidWorm
CVSS 5.3
Ecessa WANWorx WVR-30 <10.7.4 - CSRF
Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can craft a malicious web page with a hidden form to create a new superuser account by tricking an authenticated administrator into loading the page.
by LiquidWorm
CVSS 4.3
Ecessa ShieldLink SL175EHQ 10.7.4 - CSRF
Ecessa ShieldLink SL175EHQ 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web page with a hidden form to add a superuser account by tricking a logged-in administrator into loading the page.
by LiquidWorm
CVSS 5.3
By Source