Text Exploits
31,394 exploits tracked across all sources.
TP-Link TL-WR740N Firmware <=3.17.0 DoS via PingIframeRpm.htm isNew Parameter
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
by LiquidWorm
Advantech EKI-6340 2.05 - Authenticated OS Command Injection via pinghost Parameter
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
by Core Security
RobotStats 1.0 - Cross-Site Scripting via nom or user_agent Parameter
Multiple cross-site scripting (XSS) vulnerabilities in admin/robots.lib.php in RobotStats 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) nom or (2) user_agent parameter to admin/robots.php.
by ZoRLu Bugrahan
Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation
by LiquidWorm
CreativeMinds CM Downloads Manager <2.0.4 - RCE
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.
by Phi Ngoc Le
Netgear WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access
by LiquidWorm
Smarty Pants Plugins SP Project & Document Manager <2.4.1 - SQL Inj...
Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants Plugins SP Project & Document Manager plugin (sp-client-document-manager) 2.4.1 and earlier for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) vendor_email[] parameter in the email_vendor function or id parameter in the (2) download_project, (3) download_archive, or (4) remove_cat function.
by ITAS Team
Paid Memberships Pro <1.7.15 - Path Traversal
Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the QUERY_STRING in a getfile action to wp-admin/admin-ajax.php.
by Kacper Szurek
Pricertif E-Commerce 3.0 - SQL Injection
SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via a tem:Code element in a SOAP request.
by BGA Security
Microsoft .NET Framework <4.5.2 - RCE
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability."
by James Forshaw
Zoph < 0.9.1 - Cross-Site Scripting via photographer_id or _crumb Parameter
Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) photographer_id or (2) _crumb parameter.
by Manuel García Cárdenas
WebsiteBaker 2.8.3 - Cross-Site Scripting via QUERY_STRING or section_id Parameter
Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERY_STRING to wb/admin/admintools/tool.php or (2) section_id parameter to edit_module_files.php, (3) news/add_post.php, (4) news/modify_group.php, (5) news/modify_post.php, or (6) news/modify_settings.php in wb/modules/.
by Manuel García Cárdenas
moxi9 phpfox < 3.7.6 - Cross-Site Scripting via User-Agent Header
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.
by spyk2r
MyBB Forums 1.8.2 - Persistent Cross-Site Scripting
by Avinash Thapa
Maarch LetterBox 2.8 - SQL Injection
SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie.
by ZoRLu Bugrahan
ZTE ZXHN H108L Firmware 4.0.0d_ZRQ_GR4 - Unauthenticated CWMP Configuration Modification
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
by Project Zero Labs
ZTE ZXHN H108L Firmware 4.0.0d_ZRQ_GR4 - Unauthenticated CWMP Configuration Modification
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
by Project Zero Labs
clientresponse 4.1 - Cross-Site Scripting via Subject or Message Field
Multiple cross-site scripting (XSS) vulnerabilities in clientResponse 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject or (2) Message field.
by Halil Dalabasmaz
Gogs 0.3.1-0.5.x - SQL Injection via Search API q Parameter
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
by Timo Schmid
Gogs 0.3.1-0.5.6.x - SQL Injection via Label Parameter
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.
by Timo Schmid
Piwigo <2.5.5, <2.6.x before 2.6.4, <2.7.x before 2.7.2 - SQL Injec...
SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a comparison of a non-numeric value that begins with a digit.
by Manuel García Cárdenas
MyBB 1.8.x < 1.8.2 - Cross-Site Scripting via Report Type Parameter
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.8.x before 1.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to report.php, (2) signature parameter in a do_editsig action to usercp.php, or (3) title parameter in the style-templates module in an edit_template action or (4) file parameter in the config-languages module in an edit action to admin/index.php.
by smash
DigitalVidhya Digi Online Examination System 2.0 - RCE
Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/.
by Halil Dalabasmaz
Pricertif E-Commerce 3.0 - SQL Injection
SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via a tem:Code element in a SOAP request.
by Onur Alanbel (BGA)
F5 BIG-IP Local Traffic Manager < 10.2.1 - Authenticated Path Traversal via Archive Properties or Form Name Parameter
Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form.
by Anastasios Monachos
By Source