Text Exploits
31,394 exploits tracked across all sources.
McAfee Cloud Single Sign On - Stored Cross-Site Scripting via Login Audit Form Password Field
Cross-site scripting (XSS) vulnerability in the login audit form in McAfee Cloud Single Sign On (SSO) allows remote attackers to inject arbitrary web script or HTML via a crafted password.
by Brandon Perry
GNUboard 5.x - Authenticated SQL Injection via Subject or Content Parameter
Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter.
by Claepo Wang
BigACE 2.7.5 - 'LANGUAGE' Directory Traversal
by Hossein Hezami
SePortal 2.4 - SQL Injection via poll_id or sp_id Parameter
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
by jsass
McAfee Asset Manager 6.6 - Path Traversal
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.
by Brandon Perry
Array Networks vxAG 9.2.0.34 and vAPV 8.3.2.17 - Multiple Vulnerabilities
by xistence
Free Download Manager <3.9.3-3.0 - Buffer Overflow
Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload function in Downloads_Deleted.cpp in Free Download Manager 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name, which is then deleted from the download queue by the user.
by Julien Ahrens
OpenSupports 2.x - Authentication Bypass / Cross-Site Request Forgery
by TN CYB3R
Joomla! Component AJAX Shoutbox 1.6 - SQL Injection
by Ibrahim Raafat
Apple iOS < 7.1 and tvOS < 6.1 - Memory Corruption via USB Host
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
by Andy Davis
Revive Adserver < 3.0.4 and OpenX < 2.8.11 - Cross-Site Request Forgery via Admin Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-delete.php, (3) banners via admin/banner-delete.php, (4) campaigns via admin/campaign-delete.php, (5) channels via admin/channel-delete.php, (6) affiliate websites via admin/affiliate-delete.php, or (7) zones via admin/zone-delete.php.
by Mahmoud Ghorbanzadeh
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by sorbo
Synology DSM 4.3-3827 - 'article.php' Blind SQL Injection
by Michael Wisniewski
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by Jeroen - IT Nerdbox
Oracle VM VirtualBox < 4.3.8 - Authenticated Remote Code Execution via 3D Acceleration Network Pointer
VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982.
by Core Security
Huawei eSpace Meeting < V100R001C03SPC201 - Privilege Escalation
In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.
by LiquidWorm
CVSS 7.0
vtiger CRM < 6.0.0 - Authenticated Path Traversal via KCFinder File Parameter
Directory traversal vulnerability in kcfinder/browse.php in Vtiger CRM before 6.0.0 Security patch 1 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter in a download action. NOTE: it is likely that this issue is actually in the KCFinder third-party component, and it affects additional products besides Vtiger CRM.
by Portcullis
By Source