Text Exploits
31,392 exploits tracked across all sources.
ZTE Zxv10 W300 Firmware - Credentials Management
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection.
by Karn Ganeshen
CVSS 8.8
ZTE Zxv10 W300 Firmware - Password Reset Weakness
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin".
by Karn Ganeshen
CVSS 7.5
ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Cross-Site Scripting via errorpage Parameter
Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter.
by Karn Ganeshen
CVSS 6.1
ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Unauthenticated Hardcoded Root Password
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
by Karn Ganeshen
CVSS 9.8
ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Unauthenticated Path Traversal via getpage Parameter
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
by Karn Ganeshen
CVSS 7.5
ZTE ZXHN H108N R1A < ZTE.bhs.ZXHNH108NR1A.k_PE - Authenticated Access Control Bypass
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action.
by Karn Ganeshen
CVSS 4.9
ZTE ZXHN H108N R1A < ZTE.bhs.ZXHNH108NR1A.k_PE - Sensitive Info Exposure via cgi-bin/webproc
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703.
by Karn Ganeshen
CVSS 7.5
ZTE ZXHN H108N R1A and ZXV10 W300 - Authenticated Sensitive Information Exposure via Configuration File
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248.
by Karn Ganeshen
CVSS 6.5
ZTE Zxv10 W300 Firmware - Credentials Management
ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs.
by Karn Ganeshen
CVSS 8.8
Netwin SurgeFTP Sever 23d6 - Persistent Cross-Site Scripting
by Un_N0n
Horde Groupware < 5.2.11 - Cross-Site Request Forgery via Admin Shell Parameters
Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php.
by High-Tech Bridge SA
Google Chrome < 45.0.2454.101 - Denial of Service
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
by Google Security Research
IBM i Access 7.1 - Local Privilege Escalation via Buffer Overflow
Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.
by hyp3rlinx
CVSS 8.8
IBM i Access 7.1 - Denial of Service via Buffer Overflow
Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors.
by hyp3rlinx
CVSS 5.5
AlegroCart 1.2.8 - Authenticated Remote Code Execution via File Path Parameter
PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_logs.php in AlegroCart 1.2.8 allows remote administrators to execute arbitrary PHP code via a URL in the file_path parameter to upload/admin2.
by Curesec Research Team
CVSS 7.2
AlegroCart 1.2.8 - Authenticated SQL Injection via Download Parameter
Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the (1) check_download and possibly (2) check_filename function in upload/admin2/model/products/model_admin_download.php or remote authenticated users with a valid Paypal transaction token to execute arbitrary SQL commands via the ref parameter in the (3) orderUpdate function in upload/catalog/extension/payment/paypal.php.
by Curesec Research Team
CVSS 7.2
TECO TP3-PCLINK 2.1 - '.tpc' Handling Buffer Overflow (PoC)
by LiquidWorm
TECO SG2 FBD Client 3.51 - '.gfb' Overwrite Buffer Overflow (SEH) (PoC)
by LiquidWorm
TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow (PoC)
by LiquidWorm
Microsoft Windows - Remote Code Execution via Crafted Embedded Font
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6103.
by Google Security Research
Microsoft Windows - Remote Code Execution via Crafted Embedded Font
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6104.
by Google Security Research
Kaspersky AntiVirus - Certificate Handling Directory Traversal
by Google Security Research
Kaspersky AntiVirus - '.ZIP' File Format Use-After-Free
by Google Security Research
Kaspersky AntiVirus - '.DEX' File Format Memory Corruption
by Google Security Research
By Source