Text Exploits
31,383 exploits tracked across all sources.
Fortinet FortiWeb - SQL Injection
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
by Milad Karimi (Ex3ptionaL)
CVSS 9.8
ingress-nginx < 1.11.5 and 1.12.0 - Remote Code Execution via auth-url Annotation Injection
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
by Beatriz Fresno Naumova
CVSS 8.8
Docker Desktop - Privilege Escalation
A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled.
This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.
by aprillefou
Chained Quiz <1.3.4 - Insecure Direct Object Reference
The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other users' quiz attempts by manipulating the chained_completion_id cookie value, allowing them to alter quiz answers, scores, and results of any user. The vulnerability was partially patched in versions 1.3.4 and 1.3.5.
by 0xsabre
CVSS 5.3
Summar Software's Portal del Empleado - SQL Injection
SQL injection vulnerability in Summar Software´s Portal del Empleado. This vulnerability allows an attacker to retrieve, create, update, and delete the database by sending a POST request using the parameter “ctl00$ContentPlaceHolder1$filtroNombre” in “/MemberPages/quienesquien.aspx”.
by Peter Gabaldon
Pluck < 4.7.7-dev2 - Unauthenticated Arbitrary PHP File Upload via .htaccess MIME Type Bypass
An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file.
by CodeSecLab
CVSS 9.8
RosarioSIS 6.7.2 - Cross-Site Scripting via PrintSchedules.php include_inactive Parameter
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability using the include_inactive parameter in a crafted URL.
by CodeSecLab
CVSS 6.1
RosarioSIS 6.7.2 - Cross-Site Scripting via Preferences.php Tab Parameter
RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL.
by CodeSecLab
CVSS 6.1
Pluck 4.7.10 - Remote Code Execution via Trashcan Restore Item File Upload
File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file.
by CodeSecLab
CVSS 7.2
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.main.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
by CodeSecLab
CVSS 8.8
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/ajax.config.php
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
by CodeSecLab
CVSS 8.8
phpmyfaq < 2.9.8 - Cross-Site Request Forgery for Glossary Modification
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
by CodeSecLab
CVSS 8.8
phpMyAdmin <4.9.4-5.0.1 - SQL Injection
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
by CodeSecLab
CVSS 8.8
phpipam < 1.4 - SQL Injection via Custom Fields Order Table Parameter
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.
by CodeSecLab
CVSS 9.8
openSIS 8.0 - SQL Injection via ForgotPassUserName.php
An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php.
by CodeSecLab
CVSS 9.8
OpenRepeater <2.2 - Command Injection
OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.
by CodeSecLab
CVSS 9.8
mobiledetect < 2.8.32 - Cross-Site Scripting via $_SERVER['PHP_SELF'] in session_example.php
A vulnerability, which was classified as problematic, has been found in MobileDetect 2.8.31. This issue affects the function initLayoutType of the file examples/session_example.php of the component Example. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.8.32 is able to address this issue. The identifier of the patch is 31818a441b095bdc4838602dbb17b8377d1e5cce. It is recommended to upgrade the affected component. The identifier VDB-220061 was assigned to this vulnerability.
by CodeSecLab
CVSS 3.5
mangoswebv4 < 4.0.8 - Reflected Cross-Site Scripting via Install Step Parameter
paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected XSS in install/index.php (step parameter).
by CodeSecLab
CVSS 6.1
Piwigo 13.6.0 - SQL Injection via Profile Function
Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.
by CodeSecLab
CVSS 9.8
phpipam 1.6 - Cross-Site Scripting via PowerDNS Record Edit Page
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/admin/powerDNS/record-edit.php.
by CodeSecLab
CVSS 7.1
phpipam 1.6 - Cross-Site Scripting via Import Load Data
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
by CodeSecLab
CVSS 6.1
phpipam < 1.5.2 - SQL Injection
SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2.
by CodeSecLab
CVSS 7.2
YOURLS < 1.8.3 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3.
by CodeSecLab
CVSS 7.4
phpmyfaq < 3.1.8 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
by CodeSecLab
CVSS 6.1
By Source