Text Exploits
31,329 exploits tracked across all sources.
SKILLS.com.au Industry App - Man In The Middle Remote Code Execution
by intern0t
Oracle E-Business Suite - Unauthorized Access
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: iHelp). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data as well as unauthorized update, insert or delete access to some of Oracle Application Object Library accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N).
by Sarath Nair
CVSS 8.2
Dell Sonicwall Secure Remote Access Server - Command Injection
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn't properly escape the information passed in the 'tsrDeleteRestartedFile' or 'currentTSREmailTo' variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.
by xort
CVSS 9.8
Citrix NetScaler SD-WAN <v9.1.2.26.561201 - Command Injection
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
by xort
CVSS 9.8
Pega Platform < 7.2_ml0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to the main page; the (2) beanReference parameter to the JavaBean viewer page; or the (3) pyTableName to the System database schema modification page.
by Daniel Correa
CVSS 6.1
Pega Platform < 7.2_ml0 - Information Disclosure
The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control.
by Daniel Correa
CVSS 6.5
HashiCorp Vagrant VMware Fusion <4.0.21 - Privilege Escalation
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable.
by Mark Wadham
CVSS 7.8
Apple Mac OS X + Safari - Local Javascript Quarantine Bypass
by Filippo Cavallarin
CyberArk Viewfinity <6.1.1.220 - Privilege Escalation
In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.
by geoda
CVSS 7.8
Dasan Networks GPON ONT WiFi Router H64X Series - Privilege Escalation
by LiquidWorm
Dasan Networks GPON ONT WiFi Router H64X Series - Cross-Site Request Forgery
by LiquidWorm
Dasan Networks GPON ONT WiFi Router H64X Series - Configuration Download
by LiquidWorm
Dasan Networks GPON ONT WiFi Router H64X Series - Authentication Bypass
by LiquidWorm
WordPress Plugin Sabai Discuss - Cross-Site Scripting
by Hesam Bazvand
AlienVault USM/OSSIM <5.3.7 & NfSen <1.3.8 - Privilege Escalation
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
by Paul Taylor
CVSS 9.8
NfSen <1.3.8 - Command Injection
NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).
by Paul Taylor
CVSS 9.9
Datataker Dt80 Dex Firmware - Information Disclosure
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.
by Nassim Asrir
CVSS 9.8
AlienVault USM/OSSIM <5.3.7/NfSen <1.3.8 - Command Injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862.
by Paul Taylor
CVSS 8.8
AlienVault USM/OSSIM <5.3.7/NfSen <1.3.8 - Command Injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.
by Paul Taylor
CVSS 8.4
By Source