Text Exploits
31,386 exploits tracked across all sources.
CKEditor 5 < 36.0.0 - Cross-Site Scripting via Full Featured Widget
CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerability. The CKEditor 5 documentation discusses that it is the responsibility of an integrator (who is adding CKEditor 5 functionality to a website) to choose the correct security settings for their use case. Also, safe default values are established (e.g., config.htmlEmbed.showPreviews is false).
by Manish Pathak
CVSS 6.1
Calendar Event Multi View WP <1.4.07 - XSS
The Calendar Event Multi View WordPress plugin before 1.4.07 does not have any authorisation and CSRF checks in place when creating an event, and is also lacking sanitisation as well as escaping in some of the event fields. This could allow unauthenticated attackers to create arbitrary events and put Cross-Site Scripting payloads in it.
by Mostafa Farzaneh
CVSS 4.3
Bus Pass Management System 1.0 - Stored Cross-Site Scripting (XSS)
by Matteo Conti
bgERP v22.31 (Orlovets) - Cookie Session vulnerability & Cross-Site Scripting (XSS)
by nu11secur1ty
ImageMagick 7.1.0-49 - Denial of Service via PNG Image Parsing
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.
by nu11secur1ty
CVSS 6.5
Skyhigh SWG <11.2.6-10.2.17-12.0.1 - XSS
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.
by RedTeam Pentesting GmbH
CVSS 6.1
Provide Server 14.4 - Stored Cross-Site Scripting via Login Username Field
Cross Site Scripting (XSS) vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form.
by Andreas Finstad
CVSS 6.1
BTCPay Server < 1.7.5 - HTML Injection
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
by Manojkumar J
CVSS 5.3
ImageMagick 7.1.0-49 - Info Disclosure
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
by Cristian Giustini
CVSS 6.5
Frappe ERPNext 12.29.0 - Stored Cross-Site Scripting
Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users.
by Patrick Dean Ramos / Nathu Nandwani / Junnair Manla
CVSS 6.1
D-Link DIR-846 FW100A53DBR - Remote Command Execution via lan_dhcps_staticlist
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
by Françoa Taffarel
CVSS 8.8
AmazCart CMS 3.4 Reflected Cross-Site Scripting via Search
AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when search history is viewed or results are displayed.
by Sajibe Kanti
CVSS 6.1
ERPGo SaaS 3.9 CSV Injection via Vendor Creation
ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the exported CSV in a spreadsheet application. Attackers can add malicious formulas like =10+20+cmd|' /C calc'!A0 in the vendor creation form, which execute when the exported CSV file is opened in spreadsheet applications.
by Sajibe Kanti
CVSS 8.8
Zippy CRM 6.5.4 - Reflected Cross-Site Scripting via Unvalidated Input Parameters
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in victim's browser context.
by nu11secur1ty
CVSS 6.1
Clevo HotKey Clipboard 2.1.0.6 - Code Injection
Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.
by Wim Jaap van Vliet
CVSS 8.4
Windows Backup Service - Privilege Escalation
Windows Backup Service Elevation of Privilege Vulnerability
by nu11secur1ty
CVSS 7.1
Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path
by Milad karimi
Chromacam 4.0.3.0 - PsyFrameGrabberService Unquoted Service Path
by Laguin Benjamin
Roxy-WI <6.1.1.0 - Command Injection
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.
by Nuri Çilengir
CVSS 10.0
Roxy-wi < 6.1.1.0 - Unauthenticated Remote Code Execution via /app/options.py
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/options.py file. This affects Roxy-wi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.
by Nuri Çilengir
CVSS 10.0
roxy-wi < 6.1.1.0 - Unauthenticated Authentication Bypass via Crafted HTTP Request
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This affects Roxywi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.
by Nuri Çilengir
CVSS 10.0
pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute
by nu11secur1ty
Metform Elementor Contact Form Builder <3.1.2 - XSS
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via text areas on forms in versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, which is the submissions page.
by Mohammed Chemouri
CVSS 7.2
GLPI 10.0.0-10.0.2 - SQL Injection via Actor Fields
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade.
by Nuri Çilengir
CVSS 9.8
By Source