Text Exploits
31,394 exploits tracked across all sources.
SQLite < 3.8.10.1 - Multiple Unspecified Vulnerabilities
Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors.
by Andras Kabai
ZeusCart 4 - Authenticated SQL Injection via Admin Backend Parameters
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2) subadminmgt edit action or (3) cid parameter in an editcurrency action to admin/.
by Steffen Rösemann
ZeusCart 4 - Cross-Site Scripting via schltr or brand Parameter
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter in a viewbrands action to index.php. NOTE: The search parameter vector is already covered by CVE-2010-5322.
by Steffen Rösemann
ZeusCart < 4.0 - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php.
by Steffen Rösemann
ZeusCart 4 - Exposure of Sensitive Information via phpinfo Function
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.
by Steffen Rösemann
Easy Social Icons < 1.2.2 - Cross-Site Request Forgery via Image File Parameter
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the cnss_social_icon_add page to wp-admin/admin.php.
by Eric Flokstra
Phpbugtracker < 1.6.0 - SQL Injection
Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters.
by Steffen Rösemann
CVSS 9.8
ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) - SQL Injection via Item Parameter
SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter.
by CWH Underground
Beehive Forum 1.4.4 - Cross-Site Scripting via Edit Preferences Parameters
Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage_url, (2) pic_url, or (3) avatar_url parameter, which are not properly handled in an error message.
by Halil Dalabasmaz
PHP < 5.4.38, 5.5.x < 5.5.22, 5.6.x < 5.6.6 - Use-After-Free via Crafted Serialized DateTime Data
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.
by Taoguang Chen
Piwigo < 2.7.3 - Authenticated SQL Injection via Filter Level Parameter
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.
by Sven Schleier
Wordpress <0.5.10 - Authenticated RCE
The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files.
by Kacper Szurek
CVSS 8.2
eTouch SamePage Enterprise Edition 4.4.0.0.239 - SQL Injection via catId Parameter
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed.
by Brandon Perry
WonderPlugin Audio Player < 2.0 - Authenticated SQL Injection via item[id] Parameter
Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow (1) remote authenticated users to execute arbitrary SQL commands via the item[id] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or remote administrators to execute arbitrary SQL commands via the itemid parameter in the (2) wonderplugin_audio_show_item, (3) wonderplugin_audio_show_items, or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php.
by Kacper Szurek
WonderPlugin Audio Player < 2.0 - Cross-Site Scripting via item[name] or item[customcss] Parameter
Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) item[name] or (2) item[customcss] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or the itemid parameter in the (3) wonderplugin_audio_show_item or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php.
by Kacper Szurek
FancyBox for WordPress <3.0.3 - XSS
The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an mfbfw[*] parameter in an update action to wp-admin/admin-post.php, as demonstrated by the mfbfw[padding] parameter and exploited in the wild in February 2015.
by NULLpOint7r
eTouch SamePage Enterprise Edition 4.4.0.0.239 - Authenticated Path Traversal via filepath Parameter
Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filepath parameter.
by Brandon Perry
Realtek 11n Wireless LAN utility - Local Privilege Escalation
by Humberto Cabrera
Apptha WordPress Video Gallery < 2.7 - SQL Injection via vid Parameter
SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery (contus-video-gallery) plugin before 2.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the vid parameter in a rss action to wp-admin/admin-ajax.php.
by Claudio Viviani
Exponent CMS < 2.1.4, 2.2.x < 2.2.3, 2.3.x < 2.3.1 - Cross-Site Scripting via PATH_INFO or User Profile Fields
Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) "First Name" or (4) "Last Name" field to users/edituser.
by Mayuresh Dani
WordPress Survey and Poll 1.1.7 - SQL Injection via survey_id Parameter
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php.
by Securely (Yoo Hee man)
By Source