Text Exploits
31,394 exploits tracked across all sources.
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial of Service)
by LiquidWorm
Amtelco miSecureMessages <6.2 - Info Disclosure
Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request.
by Jared Bird
WordPress Plugin Work-The-Flow 1.2.1 - Arbitrary File Upload
by nopesled
WD Arkeia Virtual Appliance Firmware < 10.2.7 - Path Traversal and Remote Code Execution via Lang Cookie Parameter
Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin.
by SEC Consult
dompdf < 0.6.1 - Arbitrary File Read via PHP Wrapper in input_file Parameter
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.
by Portcullis
Alienvault 4.3.1 - SQL Injection / Cross-Site Scripting
by Sasha Zivojinovic
phpmanufaktur kitform < 0.43 - SQL Injection via sorter_value Parameter
SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.
by chapp
iDevAffiliate - 'idevads.php' SQL Injection
by Robert Cooper
Sixnet SixView Manager 2.4.1 - Unauthenticated Path Traversal via HTTP GET Request
Directory traversal vulnerability in Sixnet SixView Manager 2.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 18081.
by daniel svartman
COMTREND CT-5361T Router - 'Password.cgi' Cross-Site Request Forgery (Admin Password Manipulation)
by TUNISIAN CYBER
Teracom T2-B-Gawv1.4U10Y-BI - Cross-Site Request Forgery in WLAN Country Settings
Multiple cross-site request forgery (CSRF) vulnerabilities in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allow remote attackers to hijack the authentication of administrators for requests that (1) change the SSID or (2) change the password via a crafted request.
by Rakesh S
PTCeffect 4.6 - Local File Inclusion / SQL Injection
by walid naceri
Nagios Remote Plugin Executor <2.15 - RCE
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments
by Dawid Golunski
SAP Router - Timing Side-Channel Attack via Password Validation
The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack.
by Core Security
lxml < 3.3.5 - Cross-Site Scripting via Control Characters in Link Scheme
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
by Maksim Kochkin
CVSS 6.1
Xerox DocuShare - Authenticated SQL Injection via PATH_INFO to ResultBackgroundJobMultiple
SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary SQL commands via the PATH_INFO to /docushare/dsweb/ResultBackgroundJobMultiple/. NOTE: some of these details are obtained from third party information.
by Brandon Perry
Netgear WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities
by Santhosh Kumar
Adobe Reader Mobile < 11.2 - Remote Code Execution via JavaScript in PDF
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636.
by Yorick Koster
WordPress Theme LineNity 1.20 - Local File Inclusion
by felipe andrian
twitget < 3.3.1 - Authenticated Cross-Site Scripting via twitget_consumer_key Parameter
Multiple cross-site scripting (XSS) vulnerabilities in twitget.php in the Twitget plugin before 3.3.3 for WordPress allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the twitget_consumer_key parameter to wp-admin/options-general.php.
by Tom Adams
WordPress Quick Page/Post Redirect <5.0.5 - CSRF
Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post Redirect plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the quickppr_redirects[request][] parameter in the redirect-updates page to wp-admin/admin.php.
by Tom Adams
Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection
by Daniel Godoy
By Source