Text Exploits
31,364 exploits tracked across all sources.
Psftpd - Improper Input Validation
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '"' and ',' and '\r' are not escaped and can be used to add new entries to the log.
by X41 D-Sec GmbH
CVSS 5.3
Psftpd - Use After Free
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically restart, which enabled attackers to perform a very effective DoS attack against this service. By sending a crafted SSH identification / version string to the server, a NULL pointer dereference could be caused, apparently because of a race condition in the window message handling, performing the cleanup for invalid connections. This incorrect cleanup code has a use-after-free.
by X41 D-Sec GmbH
CVSS 5.9
Kirby Panel <2.3.3, <2.4.2, <2.5.7 - XSS
A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file.
by Ishaq Mohammed
CVSS 5.4
MyBB <1.8.13 - RCE
The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file.
by Pabstersac
CVSS 9.8
MyBB <1.8.13 - XSS
The installer in MyBB before 1.8.13 has XSS.
by Pabstersac
CVSS 5.4
Zoho ManageEngine Applications Manager <13 - SQL Injection
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
by Cody Sixteen
CVSS 8.8
Zoho ManageEngine Applications Manager <13 - SQL Injection
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
by Cody Sixteen
CVSS 9.8
Avaya IP Office < 10.1.1 - Memory Corruption
Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.
by hyp3rlinx
CVSS 9.6
Avaya IP Office Contact Center - Memory Corruption
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
by hyp3rlinx
CVSS 8.8
UserPro plugin <4.9.17.1 - Auth Bypass
The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and obtain administrative access via a "true" value for the up_auto_log parameter in the QUERY_STRING to the default URI.
by Colette Chamberland
CVSS 9.8
Ladon <0.6.1 - XXE
Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688. The attack vector is: Send a specially crafted SOAP call.
by RedTeam Pentesting
CVSS 9.8
WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection
by Lenon Leite
Logitech Media Server 7.9.0 - XSS
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScript payloads, which become permanently stored on the server and execute when a user plays the compromised radio stream. Exploitation of this vulnerability can lead to Session hijacking and unauthorized access, Persistent manipulation of web content within the application, and Phishing or malicious redirects to external domains. This vulnerability can be exploited to manipulate media server behavior in enterprise and home network environments.
by Dewank Pant
CVSS 5.4
Logitech Media Server 7.9.0 - XSS
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently store malicious JavaScript payloads, which are executed when users access the affected functionality. Exploitation of this vulnerability can lead to Session Hijacking and Credential Theft, Execution of unauthorized actions on behalf of users, and Exfiltration of sensitive data. This vulnerability presents a potential risk for widespread exploitation in connected IoT environments.
by Dewank Pant
CVSS 5.4
Ingenious School Management System 2.3.0 - SQL Injection
/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request.
by Giulio Comi
CVSS 9.8
OctoberCMS 1.0.426 - CSRF
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an attacker to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF headers and CSRF tokens via a certain _handler postback variable.
by Zain Sabahat
CVSS 8.8
Zyxel Pk5001z Firmware - Credentials Management
ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote attackers to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).
by Matthew Sheimo
CVSS 8.8
Zomato Clone Script - SQL Injection
Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.
by Ihsan Sencan
CVSS 9.8
Zeescripts Zeebuddy - SQL Injection
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.
by Ihsan Sencan
CVSS 9.8
Website Broker Script - SQL Injection
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
by Ihsan Sencan
CVSS 9.8
Vastal Dating Zone - SQL Injection
Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461.
by Ihsan Sencan
CVSS 9.8
Vastal Agent Zone - SQL Injection
Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982.
by Ihsan Sencan
CVSS 9.8
Rowindex US Zip Codes Database Script - SQL Injection
US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter.
by Ihsan Sencan
CVSS 9.8
By Source