Text Exploits
31,341 exploits tracked across all sources.
Sleuthkit The Sleuth Kit - OS Command Injection
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.
by Dino Barlattani
CVSS 7.8
PMB 7.4.6 - SQL Injection
PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint that allows remote attackers to manipulate database queries. Attackers can exploit the unsanitized 'id' parameter by injecting conditional sleep statements to extract information or perform time-based blind SQL injection attacks.
by str0xo DZ
CVSS 7.5
Aimonesoft Aimone Video Converter - Buffer Overflow
AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism.
by nu11secur1ty
CVSS 6.5
Splashtop 8.71.12001.0 - Code Injection
Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Splashtop\Splashtop Software Updater\ to inject malicious executables and escalate privileges.
by A.I. hernandez
CVSS 8.4
Reprisesoftware Reprise License Manager < 16.0 - XSS
XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password field.
by Mohammed A.Siledar
CVSS 6.1
Yui < 2800 - XSS
Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
by SITE Team
CVSS 6.1
perfSONAR <4.4.5 - CSRF
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.
by Ryan Moore
CVSS 4.3
CWP login.php Unauthenticated RCE
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
by numan türle
CVSS 9.8
Ubuntu Enlightenment Mount Priv Esc
enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.
by nu11secur1ty
CVSS 7.8
Log4Shell HTTP Header Injection
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
by Chan Nyein Wai
CVSS 10.0
GeoVision Camera GV-ADR2701 - Authentication Bypass
by Chan Nyein Wai
Hughes Satellite Router HX200 v8.3.1.14 - Remote File Inclusion
by LiquidWorm
ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)
by Rob_ CTRL Group
SOUND4 Server Service 4.1.102 - Privilege Escalation
SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.
by LiquidWorm
CVSS 8.4
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - RCE
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/restorefactory.cgi endpoint that allows remote attackers to reset device configuration. Attackers can send a POST request to the endpoint with specific data to trigger a factory reset and bypass authentication, gaining full system control.
by LiquidWorm
CVSS 9.8
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Command Injection
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands through the 'password' parameter. Attackers can exploit the login.php and index.php scripts by injecting shell commands via the 'password' POST parameter to execute commands with web server privileges.
by LiquidWorm
CVSS 9.8
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Path Traversal
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to write arbitrary files through the 'upgfile' parameter in upload.cgi. Attackers can exploit the vulnerability by sending crafted multipart form-data POST requests with directory traversal sequences to write files to unintended system locations.
by LiquidWorm
CVSS 7.5
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - CSRF
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages that submit HTTP requests to the radio processing interface, triggering unintended administrative operations when a logged-in user visits the page.
by LiquidWorm
CVSS 4.3
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x - SQL Injection
SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x contains an SQL injection vulnerability in the 'index.php' authentication mechanism that allows attackers to manipulate login credentials. Attackers can inject malicious SQL code through the 'password' POST parameter to bypass authentication and potentially gain unauthorized access to the system.
by LiquidWorm
CVSS 9.8
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Auth Bypass
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access hidden system resources. Attackers can exploit the vulnerability by manipulating user-supplied input to execute privileged functionalities without proper authentication.
by LiquidWorm
CVSS 9.8
CoolerMaster MasterPlus <1.8.5 - Code Injection
CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system reboot.
by Damian Semon Jr
CVSS 8.4
Senayan Library Management System 9.0.0 - SQL Injection
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.
by nu11secur1ty
CVSS 8.2
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service (DoS)
by LiquidWorm
By Source