Text Exploits
31,330 exploits tracked across all sources.
RealtyScript 4.0.2 Cross-Site Scripting via Multiple Parameters
Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads in vulnerable parameters to execute code in users' browser sessions within the context of the affected application.
by LiquidWorm
CVSS 6.1
RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities
Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when logged-in users visit them, or inject persistent scripts that execute in the application context.
by LiquidWorm
CVSS 5.3
RealtyScript 4.0.2 SQL Injection via u_id and agent Parameters
Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'u_id' in /admin/users.php and the POST parameter 'agent[]' in /admin/mailer.php. Attackers can exploit time-based blind SQL injection techniques to extract sensitive database information or cause denial of service through sleep-based payloads.
by LiquidWorm
CVSS 8.2
RealtyScript 4.0.2 Multiple Time-based Blind SQL Injection
Next Click Ventures RealtyScript 4.0.2 contains multiple time-based blind SQL injection vulnerabilities that allow unauthenticated attackers to extract database information by injecting SQL code into application parameters. Attackers can craft requests with time-delay payloads to infer database contents character by character based on response timing differences.
by LiquidWorm
CVSS 8.2
RealtyScript 4.0.2 Stored Cross-Site Scripting via text Parameter in pages.php
Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious HTML and iframe elements through the text parameter in the pages.php admin interface. Attackers can submit POST requests to the add page action with crafted iframe payloads in the text parameter to store malicious content that executes in the browsers of users viewing the affected pages.
by LiquidWorm
CVSS 6.4
RealtyScript 4.0.2 Stored Cross-Site Scripting via location_name Parameter
Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability in the location_name parameter of the admin locations interface. Attackers can submit POST requests to the locations.php endpoint with JavaScript payloads in the location_name field to execute arbitrary code in administrator browsers.
by LiquidWorm
CVSS 7.2
RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation
Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create unauthorized user accounts and administrative users by crafting malicious forms. Attackers can submit hidden form data to /admin/addusers.php and /admin/editadmins.php endpoints to register new users with arbitrary credentials and escalate privileges to SUPERUSER level.
by LiquidWorm
CVSS 5.3
Adobe Flash Player <18.0.0.252-19.0.0.207 & 11.2.202.535 - RCE
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
by Google Security Research
CVSS 7.8
Belkin N150 F9k1009 Firmware < 1.00.07 - Path Traversal
Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
by Rahul Pratap Singh
ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities
by Lyon Yang
Microsoft Windows 10 - Access Control
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by leveraging certain sandbox access, aka "Windows Mount Point Elevation of Privilege Vulnerability."
by Google Security Research
PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities
by Karn Ganeshen
netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities
by Karn Ganeshen
ZyXEL PMG5318-B20A <1.00(AANC.2)C0 - RCE
The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter.
by Karn Ganeshen
CVSS 9.8
Dasanzhone Znid 2426a Firmware < s3.0.501 - Credentials Management
backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf.
by Lyon Yang
CVSS 8.8
Dasanzhone Znid 2426a Firmware < s3.0.501 - IDOR
The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference.
by Lyon Yang
CVSS 8.8
Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
by Karn Ganeshen
F5 Enterprise Manager < 11.6.0 - Path Traversal
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
by Karn Ganeshen
Zhone zNID GPON 2426A <S3.0.501 - RCE
The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
by Lyon Yang
CVSS 8.8
Joomla! Component com_realestatemanager 3.7 - SQL Injection
by Omer Ramić
PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service
by Aria Akhavan Rezayat
Kallithea <0.3 - HTTP Response Splitting
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.
by LiquidWorm
By Source