Text Exploits
31,394 exploits tracked across all sources.
TinyBrowser - 'tinybrowser.php' Directory Listing
by MustLive
Open Solution Quick.Cms 5.0 and Quick.Cart 6.0 - Cross-Site Scripting via PATH_INFO to admin.php
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.
by High-Tech Bridge
Prizm Content Connect 5.1 - Code Injection
Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability
by Include Security Research
CVSS 9.8
Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, 7.1.0.1 - Cross-Site Scripting via Topic Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic parameter to html/index_main.htm in (1) help/sm/en/Output/wwhelp/wwhimpl/js/, (2) help/sm/es/Output/wwhelp/wwhimpl/js/, (3) help/sm/ja/Output/wwhelp/wwhimpl/js/, (4) help/sm/de/Output/wwhelp/wwhimpl/js/, (5) help/sm/fr/Output/wwhelp/wwhimpl/js/, (6) help/sm/zh/Output/wwhelp/wwhimpl/js/, (7) help/hip/en/msgguide/wwhelp/wwhimpl/js/, or (8) help/hip/en/msgguide/wwhelp/wwhimpl/common/.
by Tenable NS
Schmid Watson Management Console - Directory Traversal
by Dhruv Shah
Watson Management Console 4.11.2.G - Directory Traversal
by Dhruv Shah
WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting
by Am!r
MotoCMS - 'admin/data/users.xml' Access Restriction / Information Disclosure
by AkaStep
Joomla! Component com_incapsula - Multiple Cross-Site Scripting Vulnerabilities
by Gjoko Krstic
Advantech WebAccess < 7.1 - Authenticated Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
by SecPod Research
Ettercap 0.7.5.1- - Buffer Overflow
Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.
by Sajjad Pourali
Facebook for Android - 'LoginActivity' Information Disclosure
by Takeshi Terada
Havalite CMS 1.1.7 - Stored Cross-Site Scripting
Havalite CMS 1.1.7 has a stored XSS vulnerability
by Henri Salo
CVSS 5.4
Rapid7 Nexpose < 5.5.4 - Cross-Site Request Forgery via Site Deletion Request
Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
by Robert Gilbert
pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution
by Yann CAM
Simple Web Server 2.3-rc1 - Directory Traversal
by CwG GeNiuS
MyBB Profile Wii Friend Code - Multiple Vulnerabilities
by Ichi
WordPress Plugin Uploader - Arbitrary File Upload
by Sammy FORGIT
By Source