Text Exploits
31,386 exploits tracked across all sources.
webgrind < 1.1 - Unauthenticated Remote Command Execution via dataFile Parameter
Webgrind 1.1 contains a remote command execution vulnerability that allows unauthenticated attackers to inject OS commands via the dataFile parameter in index.php. Attackers can execute arbitrary system commands by manipulating the dataFile parameter, such as using payload '0%27%26calc.exe%26%27' to execute commands on the target system.
by Rafael Pedrero
CVSS 9.8
Tftpd32 SE 4.60 - Unquoted Service Path Privilege Escalation
Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be run with system-level permissions.
by Ismael Nava
CVSS 8.4
Sysax Multi Server 6.95 - Denial of Service via Administrative Password Field Overflow
Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality.
by Luis Martínez
CVSS 9.1
Mediconta 3.7.27 - Privilege Escalation
Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\medicont3\ to inject malicious code that would execute with LocalSystem permissions during service startup.
by Luis Martínez
CVSS 8.4
eXtplorer < 2.1.14 - Unauthenticated Authentication Bypass and Remote Code Execution
eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to log in without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system.
by ErPaciocco
CVSS 9.8
Explorer++ 1.3.5.531 - Buffer Overflow via Long File Name Argument
Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler (SEH) records that allows attackers to execute arbitrary code. Attackers can exploit the vulnerability by providing a long file name argument over 396 characters to corrupt the SEH chain and potentially execute malicious code.
by Rafael Pedrero
CVSS 9.8
Gestionale Open 12.00.00 - 'DB_GO_80' Unquoted Service Path
by Luis Martínez
Grafana < 6.2.5 - Cross-Site Scripting via Panel Drilldown Link Title or URL Field
public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).
by SimranJeet Singh
CVSS 5.4
Zentao Project Management System 17.0 - Authenticated Remote Code Execution (RCE)
by mister0xf
WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities
by Rafael Pedrero
FlatCore CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
by Sinem Şahin
Clansphere CMS 2011.4 - Stored Cross-Site Scripting (XSS)
by Sinem Şahin
GuppY CMS 6.00.10 - Unrestricted File Upload and Remote Code Execution via PHP File Upload
GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload, which allows remote attackers to execute arbitrary code by uploading a PHP file.
by Chokri Hammedi
CVSS 9.8
iolo System Shield 5.0.0.136 - Arbitrary Write via amp.sys IOCtl 0x00226003
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
by Brandon Marshall
CVSS 9.8
camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.
by Elias Hohl
CVSS 9.8
NVFLARE < 2.1.4 - Remote Code Execution via Pickle Deserialization
NVFLARE, versions prior to 2.1.4, contains a vulnerability in which deserialization of untrusted data due to Pickle usage may allow an unprivileged network attacker to cause remote code execution, denial of service, and impact to both confidentiality and integrity.
by Elias Hohl
CVSS 9.8