Text Exploits

31,386 exploits tracked across all sources.

CVE-2022-35543 EXPLOITDB text
ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)
by Rob_ CTRL Group
CVE-2023-53965 EXPLOITDB HIGH text
SOUND4 Server Service 4.1.102 - Privilege Escalation
SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.
by LiquidWorm
CVSS 8.4
CVE-2023-53964 EXPLOITDB CRITICAL text
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - RCE
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/restorefactory.cgi endpoint that allows remote attackers to reset device configuration. Attackers can send a POST request to the endpoint with specific data to trigger a factory reset and bypass authentication, gaining full system control.
by LiquidWorm
CVSS 9.8
CVE-2023-53963 EXPLOITDB CRITICAL text
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Command Injection
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands through the 'password' parameter. Attackers can exploit the login.php and index.php scripts by injecting shell commands via the 'password' POST parameter to execute commands with web server privileges.
by LiquidWorm
CVSS 9.8
CVE-2023-53962 EXPLOITDB HIGH text
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Path Traversal
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to write arbitrary files through the 'upgfile' parameter in upload.cgi. Attackers can exploit the vulnerability by sending crafted multipart form-data POST requests with directory traversal sequences to write files to unintended system locations.
by LiquidWorm
CVSS 7.5
CVE-2023-53961 EXPLOITDB MEDIUM text
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - CSRF
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages that submit HTTP requests to the radio processing interface, triggering unintended administrative operations when a logged-in user visits the page.
by LiquidWorm
CVSS 4.3
CVE-2023-53960 EXPLOITDB CRITICAL text
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x - SQL Injection
SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x contains an SQL injection vulnerability in the 'index.php' authentication mechanism that allows attackers to manipulate login credentials. Attackers can inject malicious SQL code through the 'password' POST parameter to bypass authentication and potentially gain unauthorized access to the system.
by LiquidWorm
CVSS 9.8
CVE-2023-53955 EXPLOITDB CRITICAL text
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Auth Bypass
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access hidden system resources. Attackers can exploit the vulnerability by manipulating user-supplied input to execute privileged functionalities without proper authentication.
by LiquidWorm
CVSS 9.8
CVE-2022-50808 EXPLOITDB HIGH text
CoolerMaster MasterPlus <1.8.5 - Code Injection
CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system reboot.
by Damian Semon Jr
CVSS 8.4
CVE-2022-50805 EXPLOITDB HIGH text
Senayan Library Management System 9.0.0 - SQL Injection
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.
by nu11secur1ty
CVSS 8.2
EIP-2026-117939 EXPLOITDB text
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service (DoS)
by LiquidWorm
EIP-2026-113474 EXPLOITDB text
WooCommerce v7.1.0 - Remote Code Execution (RCE)
by Milad karimi
EIP-2026-112614 EXPLOITDB text
Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated)
by Alperen Ergel
EIP-2026-112394 EXPLOITDB text
Spitfire CMS 1.0.475 - PHP Object Injection
by LiquidWorm
EIP-2026-108934 EXPLOITDB text
Judging Management System v1.0 - Authentication Bypass
by Angelo Pio Amirante
EIP-2026-105551 EXPLOITDB text
Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution (RCE) (Authenticated)
by Alperen Ergel
EIP-2026-105386 EXPLOITDB text
Bangresto 1.0 - SQL Injection
by nu11secur1ty
EIP-2026-101413 EXPLOITDB text
ProLink PRS1841 PLDT Home fiber - Default Password
by Lawrence Amer
CVE-2022-45297 EXPLOITDB CRITICAL text
EQ < 2.2.0 - SQL Injection
EQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnerability via the UserPwd parameter.
by TLF
CVSS 9.8
CVE-2023-53978 EXPLOITDB MEDIUM text
MyBB Forums 1.8.26 - Authenticated Stored Cross-Site Scripting via Forum Announcement Title
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcements. Attackers can exploit this vulnerability by inserting script payloads in the announcement title field when adding announcements through the 'Forums and Posts' > 'Forum Announcements' interface, causing arbitrary JavaScript to execute when the announcement is displayed on the forum.
by Andrey Stoykov
CVSS 5.4
CVE-2023-53977 EXPLOITDB MEDIUM text
MyBB Forums 1.8.26 - Authenticated Stored Cross-Site Scripting via Forum Title Field
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when adding new forums through the 'Forums and Posts' > 'Forum Management' interface, causing arbitrary JavaScript to execute when the forum listing is viewed.
by Andrey Stoykov
CVSS 5.4
CVE-2023-53976 EXPLOITDB MEDIUM text
myBB 1.8.26 - Authenticated Stored Cross-Site Scripting in Template Title Field
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the template management system that allows authenticated administrators to inject malicious scripts when creating new templates. Attackers can exploit this vulnerability by inserting script payloads in the template title field when adding new templates through the 'Templates and Style' > 'Templates' > 'Manage Templates' > 'Global Templates' interface, causing arbitrary JavaScript to execute when the template is viewed.
by Andrey Stoykov
CVSS 5.4
CVE-2023-53973 EXPLOITDB HIGH text
Zillya Total Security 3.0.2367.0 - Privilege Escalation
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking.
by M. Akil Gündoğan
CVSS 8.4
CVE-2024-2391 EXPLOITDB LOW text
EVE-NG 5.0.1-13 - Cross-Site Scripting in Lab Handler
A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256442 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
by @casp3r0x0 hassan ali al-khafaji
CVSS 2.4
CVE-2022-50806 EXPLOITDB HIGH text
4images 1.9 - Authenticated Remote Code Execution via Template Editing and Categories Endpoint
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php endpoint with a crafted cat_id parameter.
by Andrey Stoykov
CVSS 7.2