Text Exploits
31,394 exploits tracked across all sources.
WeBid 1.1.1 - Cross-Site Scripting via Multiple User Input Parameters
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authnet_id, (12) TPL_authnet_pass, (13) TPL_worldpay_id, (14) TPL_toocheckout_id, or (15) TPL_moneybookers_email in a first action to register.php or the (16) username parameter in a login action to user_login.php.
by Govind Singh
Infoblox NetMRI < 6.8.5 - OS Command Injection via skipjackUsername Parameter
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
by Nate Kettlewell
BSK PDF Manager 1.3.2 - SQL Injection
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.php.
by Claudio Viviani
Dolibarr ERP/CRM <3.5.3 - SQL Injection
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) entity parameter in an update action to user/fiche.php or (2) sortorder parameter to user/group/index.php.
by Deepak Rathore
Artifectx xClassified 1.2 - SQL Injection
SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
by Lazmania61
The Digital Craft AtomCMS - SQL Injection
SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Jagriti Sahu
Photo Org WonderApplications 8.3 iOS - Local File Inclusion
by Vulnerability-Lab
Frog CMS 0.9.5 - Unrestricted File Upload
An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation.
by Javid Hussain
CVSS 9.8
Ubisoft Uplay PC < 4.6.1.3217 - Privilege Escalation via Weak Installation Directory Permissions
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.
by LiquidWorm
Baidu Spark Browser 26.5.9999.3511 - Stack-Based Buffer Overflow via Nested window.print Calls
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function.
by LiquidWorm
Kerio Control < 8.3.2 - Authenticated SQL Injection via Statistics Print Parameters
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
by Khashayar Fereidani
IBM Algo Credit Limits 4.5.0-4.7.0 - Exposure of Sensitive Information via XML Document
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document.
by SEC Consult
Flussonic Media Server 4.1.25 < 4.3.3 - Arbitrary File Disclosure
by BGA Security
Nagios Plugins <2.0.2 - Info Disclosure
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
by Dawid Golunski
chkrootkit < 0.50 - Local Privilege Escalation via Trojan Horse Executable
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
by Thomas Stangner
WordPress Simple Share Buttons Adder <4.5 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba_share_text parameter in a save action to wp-admin/options-general.php, which is not properly handled in the homepage, and unspecified vectors related to (2) Pages, (3) Posts, (4) Category/Archive pages or (5) post Excerpts.
by dxw
Python 2.7.5 and 3.3.4 - Path Traversal via URL-Encoded Path Separators
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.
by RedTeam Pentesting
CVSS 9.8
Oracle Endeca Server - Info Disclosure
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.
by RedTeam Pentesting
Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities
by Onur Alanbel (BGA)
ZeusCart 4.x - SQL Injection
Multiple SQL injection vulnerabilities in ZeusCart 4.x.
by Kenny Mathis
CVSS 8.8
TimThumb 2.8.13-WordThumb 1.07 - RCE
TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter.
by @u0x
ZeroCMS 1.0 - SQL Injection via article_id Parameter
SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
by Filippos Mastrogiannis
By Source