Text Exploits
31,330 exploits tracked across all sources.
Plone < 4.3.7 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
by hyp3rlinx
CVSS 8.8
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
by Raffaele Forte
Ciphershed < 0.7.5.0 - Access Control
The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges via an entry in the /GLOBAL?? directory.
by Google Security Research
CVSS 7.8
Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery
by MohamadReza Mohajerani
ManageEngine ServiceDesk Plus 9.1 build 9110 - Directory Traversal
by xistence
Avast! AntiVirus - X.509 Error Rendering Command Execution
by Google Security Research
Bosch Security Systems NBN-498 Dinion2X - XML Injection
The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows remote attackers to conduct XML injection attacks via the idstring parameter to rcp.xml.
by neom22
CVSS 9.8
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
by Karn Ganeshen
Kaseya Virtual System Administrator < 7.0.0.33 - Path Traversal
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, 9.0.0.0 before 9.0.0.19, and 9.1.0.0 before 9.1.0.9 allows remote authenticated users to write to and execute arbitrary files due to insufficient restrictions in file paths to json.ashx.
by Pedro Ribeiro
CVSS 8.8
kernel_crashdump <2.19 - DoS
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
by halfdog
Western Digital My Cloud 04.01.03-421/04.01.04-422 - Command Injection
by absane
Kaseya Virtual System Administrator < 7.0.0.33 - Authentication Bypass
Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.
by Pedro Ribeiro
CVSS 9.8
Vtiger CRM <6.3.0 - RCE
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/.
by Benjamin Daniel Mussler
CVSS 8.8
BMC Track-It! 11.4 - Info Disclosure
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the domain administrator username and password. These are encrypted with a fixed key and IV ("NumaraIT") using the DES algorithm. The domain administrator username and password can only be obtained if the Self-Service component is enabled, which is the most common scenario in enterprise deployments.
by Pedro Ribeiro
CVSS 9.8
Adobe Flash Player <18.0.0.241-11.2.202.521, Adobe AIR <19.0.0.190 ...
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors.
by Google Security Research
Adobe Reader/Acrobat <10.1.14, 11.x <11.0.11 - Auth Bypass
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3074.
by Reigning Shells
Vtiger CRM 6.4.0 - RCE
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000.
by Benjamin Daniel Mussler
CVSS 7.3
Infinite Automation Mango Automation <2.6.0 - RCE
Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file.
by LiquidWorm
Photos in Wifi 1.0.1 iOS - Arbitrary File Upload
by Vulnerability-Lab
My.WiFi USB Drive 1.0 iOS - Local File Inclusion
by Vulnerability-Lab
Telegram 3.2 - Input Length Handling Crash (PoC)
by Mohammad Reza Espargham
By Source