Text Exploits
31,337 exploits tracked across all sources.
Dell Openmanage Server Administrator - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic parameter to html/index_main.htm in (1) help/sm/en/Output/wwhelp/wwhimpl/js/, (2) help/sm/es/Output/wwhelp/wwhimpl/js/, (3) help/sm/ja/Output/wwhelp/wwhimpl/js/, (4) help/sm/de/Output/wwhelp/wwhimpl/js/, (5) help/sm/fr/Output/wwhelp/wwhimpl/js/, (6) help/sm/zh/Output/wwhelp/wwhimpl/js/, (7) help/hip/en/msgguide/wwhelp/wwhimpl/js/, or (8) help/hip/en/msgguide/wwhelp/wwhimpl/common/.
by Tenable NS
Schmid Watson Management Console - Directory Traversal
by Dhruv Shah
Watson Management Console 4.11.2.G - Directory Traversal
by Dhruv Shah
WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting
by Am!r
MotoCMS - 'admin/data/users.xml' Access Restriction / Information Disclosure
by AkaStep
Joomla! Component com_incapsula - Multiple Cross-Site Scripting Vulnerabilities
by Gjoko Krstic
Advantech Webaccess < 7.0 - XSS
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
by SecPod Research
Ettercap 0.7.5.1- - Buffer Overflow
Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.
by Sajjad Pourali
Facebook for Android - 'LoginActivity' Information Disclosure
by Takeshi Terada
Havalite - XSS
Havalite CMS 1.1.7 has a stored XSS vulnerability
by Henri Salo
CVSS 5.4
Rapid7 Nexpose < 5.5.3 - CSRF
Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
by Robert Gilbert
pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution
by Yann CAM
Simple Web Server 2.3-rc1 - Directory Traversal
by CwG GeNiuS
MyBB Profile Wii Friend Code - Multiple Vulnerabilities
by Ichi
WordPress Plugin Uploader - Arbitrary File Upload
by Sammy FORGIT
WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload
by Sammy FORGIT
osTicket - 'tickets.php?status' Cross-Site Scripting
by AkaStep
E107 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3) download_author_email, (4) download_author_website, (5) download_image, (6) download_thumb, (7) download_visible, or (8) download_class parameter.
by Joshua Reynolds
E107 - CSRF
Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost.php in e107 1.0.1 allows remote attackers to hijack the authentication of administrators for requests that conduct XSS attacks via the news_title parameter in a create action.
by Joshua Reynolds
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID' SQL Injection
by Sammy FORGIT
WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID' SQL Injection
by Sammy FORGIT
By Source