Text Exploits
31,386 exploits tracked across all sources.
TextPattern 4.2 - 'index.php' Cross-Site Scripting
by kurdish hackers team
Redmine 1.0.1-1.1.1 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information.
by Mesut Timur
greenpants 0.1.7 - Multiple Vulnerabilities
by Ptrace Security
qooxdoo 1.3 - Path Traversal via Delay.php File Parameter
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter.
by AutoSec Tools
Dream Vision Technologies Web Portal - SQL Injection
by eXeSoul
WP Custom Pages <0.5.0.1 - Path Traversal
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.
by AutoSec Tools
UseBB 1.0.11 - 'admin.php' Local File Inclusion
by High-Tech Bridge SA
OpenEMR 4 - Cross-Site Scripting via Site Parameter
Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.
by AutoSec Tools
Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections
by High-Tech Bridge SA
feedparser < 5.0 - Cross-Site Scripting via Nested CDATA Stanzas
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
by fazalmajid
Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
by Michael Brooks
XOOPS 2.5 - 'banners.php' Multiple Local File Inclusions
by KedAns-Dz
WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting
by John Leitch
Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection
by kurdish hackers team
DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by LiquidWorm
Yaws 1.88 - Cross-Site Scripting via Wiki Application Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsToMe.yaws, or (4) the text parameter to editPage.yaws.
by Michael Brooks
By Source