Text Exploits
31,329 exploits tracked across all sources.
Sitecore CMS 8.2 - Cross-Site Scripting / Arbitrary File Disclosure
by Usman Saeed
Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users group allow authenticated users to replace the executable file with arbitrary binaries, enabling privilege escalation during service startup or system reboot.
by LiquidWorm
CVSS 7.8
Wordpress < 4.7.4 - Password Reset Weakness
WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message.
by Dawid Golunski
CVSS 5.9
Zyxel P-660HW-61 Firmware < 3.40(PE.11)C0 Router - Local File Inclusion
by ReverseBrain
HideMyAss Pro VPN Client for OS X 2.2.7.0 - Local Privilege Escalation
by Han Sahin
HideMyAss Pro VPN Client for macOS 3.x - Local Privilege Escalation
by Han Sahin
Admidio < 4.1-Beta.1 - CSRF
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
by Faiz Ahmed Zaidi
CVSS 4.5
Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery
by Cyril Vallicari
HP Opencall Media Platform < 3.4.2 - XSS
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
by Paolo Stagno
CVSS 6.1
Oracle PeopleSoft Products <8.56 - Info Disclosure
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).
by ERPScan
CVSS 6.5
Dolby DAX2/DAX3 - Privilege Escalation
The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCOM. This affects Dolby Audio X2 (DAX2) 1.0, 1.0.1, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 1.4.3, and 1.4.4 and Dolby Audio X3 (DAX3) 1.0 and 1.1. An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50.
by Google Security Research
CVSS 7.8
FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery
by Cyril Vallicari
HP Opencall Media Platform < 3.4.2 - Injection
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
by Paolo Stagno
CVSS 8.8
LightDM <1.22.0 - Path Traversal
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
by G. Geshev
CVSS 7.3
Oracle E-Business Suite <12.2.6 - RCE
Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Scripting accessible data as well as unauthorized access to critical data or complete access to all Oracle Scripting accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
by ERPScan
CVSS 9.1
Joomla! Component Myportfolio 3.0.2 - 'pid' SQL Injection
by Persian Hack Team
By Source