Text Exploits
31,394 exploits tracked across all sources.
phpFileManager 0.9.8 - Remote Command Execution
by hyp3rlinx
Sudo <1.8.15 - Privilege Escalation
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
by daniel svartman
Xceedium Xsuite - Open Redirect via redirurl Parameter
Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
by modzero
CVSS 6.1
Xceedium Xsuite 2.x - Use of Hard-coded Credentials
Multiple hardcoded credentials in Xsuite 2.x.
by modzero
CVSS 9.8
Xceedium Xsuite - Directory Traversal via opm/read_sessionlog.php logFile Parameter
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter.
by modzero
Xceedium Xsuite <= 2.4.4.1 - Cross-Site Scripting via ajax_cmd.php fileName Parameter
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter.
by modzero
CA Privileged Access Manager < 2.4.4.4 - Remote Command Execution
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
by modzero
CVSS 9.8
Xceedium Xsuite 2.x - Unauthenticated SQL Injection via Default MySQL Root Account
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
by modzero
CVSS 7.8
WordPress Plugin Unite Gallery Lite 1.4.6 - Multiple Vulnerabilities
by Nitin Venkatesh
WordPress Count Per Day <3.4.1 - SQL Injection
SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
by High-Tech Bridge SA
CVSS 7.2
Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage
by hyp3rlinx
libuser <0.56.13-8 & 0.60 <0.60-7 - DoS
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.
by Qualys Corporation
Hexis HawkEye G 3.0.1.4912 - Cross-Site Request Forgery via Multiple Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2) Url matching, (3) DNS Inject, or (4) IP Redirect Sensor in a request to interface/rest/dpi/setEnabled/1; or (5) perform whitelisting of malware MD5 hash IDs via the id parameter to interface/rest/md5-threats/whitelist.
by hyp3rlinx
CVSS 8.8
Helpdesk Pro < 1.3.0 - Path Traversal via Ticket Download Attachment Filename Parameter
Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download_attachment task.
by Simon Rawet
CVSS 7.5
Helpdesk Pro < 1.3.0 - SQL Injection via Ticket Code or Email Parameter
Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (3) remote authenticated users to execute arbitrary SQL commands via the filter_order parameter.
by Simon Rawet
CVSS 9.8
Helpdesk Pro < 1.3.0 - Cross-Site Scripting via Name and Message Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and message.
by Simon Rawet
CVSS 5.4
Helpdesk Pro Plugin < 1.3.0 - Unauthorized Support Ticket Information Disclosure via Ticket ID
The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}.
by Simon Rawet
CVSS 5.3
xpcom - Denial of Service via Nested DIV Tags
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering page and referenced objects to be deleted.
by GulfTech Security
Helpdesk Pro < 1.3.0 - Arbitrary File Write via Language Save Task
The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task.
by Simon Rawet
CVSS 8.1
Microsoft Office 2007 SP3 and 2010 SP2 - Remote Code Execution via Crafted Office Document
Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability."
by Eduardo Braun Prado
phpvibe < 4.20 - Authenticated Stored Cross-Site Scripting via Comment
Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment.
by Filippos Mastrogiannis
CVSS 5.4
tcpdump < 4.7.0 - Denial of Service via Crafted RPKI-RTR PDU Header Length
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
by Luke Arntson
WordPress Plugin BuddyPress Activity Plus 1.5 - Cross-Site Request Forgery
by Tom Adams
By Source