Text Exploits
31,394 exploits tracked across all sources.
Xangati XSR <11 - Xangati XNR <7 - Path Traversal
Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatus action to servlet/MGConfigData, (2) the download parameter in a download action to servlet/MGConfigData, (3) the download parameter in a port_svc action to servlet/MGConfigData, (4) the file parameter in a getfile action to servlet/Installer, or (5) the binfile parameter to servlet/MGConfigData.
by Jan Kadijk
Xangati XSR <11 - Xangati XNR <7 - Path Traversal
Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatus action to servlet/MGConfigData, (2) the download parameter in a download action to servlet/MGConfigData, (3) the download parameter in a port_svc action to servlet/MGConfigData, (4) the file parameter in a getfile action to servlet/Installer, or (5) the binfile parameter to servlet/MGConfigData.
by Jan Kadijk
Xangati XSR <11 - Xangati XNR <7 - Path Traversal
Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatus action to servlet/MGConfigData, (2) the download parameter in a download action to servlet/MGConfigData, (3) the download parameter in a port_svc action to servlet/MGConfigData, (4) the file parameter in a getfile action to servlet/Installer, or (5) the binfile parameter to servlet/MGConfigData.
by Jan Kadijk
CubeCart < 5.2.9 - Session Fixation via PHPSESSID Parameter
Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
by absane
Sendy 1.1.9.1 - SQL Injection via Send-To c Parameter
SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter.
by delme
XCloner < 3.5 - Cross-Site Request Forgery via Administrator Password Change or Database Backup
Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to index2.php or (2) when the enable_db_backup and sql_mem options are enabled, access the database backup functionality via the dbbackup_comp parameter in the generate action to index2.php. NOTE: vector 2 might be a duplicate of CVE-2014-2340, which is for the XCloner Wordpress plugin. NOTE: remote attackers can leverage CVE-2014-2996 with vector 2 to execute arbitrary commands.
by High-Tech Bridge SA
XCloner < 3.5 - Authenticated Command Injection via dbbackup_comp Parameter
XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have the privileges to execute code. NOTE: this can be leveraged by remote attackers using CVE-2014-2579.
by High-Tech Bridge SA
OrbitScripts Orbit Open Ad Server <1.1.1 - SQL Injection
SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory.
by High-Tech Bridge SA
Quick.CMS 5.4 - Multiple Vulnerabilities
by Shpend Kurtishaj
Joomla! Component Inneradmission - 'index.php' SQL Injection
by Lazmania61
Halon Security Router (SR) 3.2-winter-r1 - Multiple Vulnerabilities
by Juan Manuel Garcia
XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities
by hackerDesk
Notepad++ DSpellCheck 1.2.12.0 - Denial of Service
by sajith
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
by sajith
Puntopy - 'novedad.php' SQL Injection
by Felipe Andrian Peixoto
PHPFox 3.7.3-3.7.5 - Authenticated Privacy Bypass via Modified val[item_id] Parameter
static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication.
by Wesley Henrique
XCloner < 3.1.1 - Cross-Site Request Forgery via Backup Creation
Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php.
by High-Tech Bridge SA
A10 Networks ACOS <2.7.0-p6, <2.7.1-P1_55 - Buffer Overflow
Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long session id in the URI to sys_reboot.html. NOTE: some of these details are obtained from third party information.
by Francesco Perna
By Source