Text Exploits
31,386 exploits tracked across all sources.
WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting
by High-Tech Bridge SA
WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting
by High-Tech Bridge SA
WordPress Plugin GRAND Flash Album Gallery 0.55 - Multiple Vulnerabilities
by High-Tech Bridge SA
WordPress Plugin 1 Flash Gallery 0.2.5 - Cross-Site Scripting / SQL Injection
by High-Tech Bridge SA
Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting
by Khashayar Fereidani
Kodak InSite 5.5.2 - Cross-Site Scripting via Language Parameter, HeaderWarning Parameter, or User-Agent Header
Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Language parameter to Pages/login.aspx, (2) HeaderWarning parameter to Troubleshooting/DiagnosticReport.asp, or (3) User-Agent header to troubleshooting/speedtest.asp.
by Dionach
Kodak InSite 5.5.2 - Cross-Site Scripting via Language Parameter, HeaderWarning Parameter, or User-Agent Header
Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Language parameter to Pages/login.aspx, (2) HeaderWarning parameter to Troubleshooting/DiagnosticReport.asp, or (3) User-Agent header to troubleshooting/speedtest.asp.
by Dionach
FocalMedia.Net Quick Polls < 1.0.1 - Path Traversal and Arbitrary File Deletion via p Parameter
Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter in a delete action to index.php.
by Mark Stanislav
Microsoft .NET Framework 3.5 Gold/SP1, 3.5.1, 4.0 - Remote Code Execution via JIT Compiler Null String Handling
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary code, in opportunistic circumstances by leveraging a crafted application, as demonstrated by (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework JIT Optimization Vulnerability."
by Brian Mancini
CVSS 7.7
Lms Web Ensino - Multiple Input Validation Vulnerabilities
by waKKu
COMTREND ADSL Router CT-5367 C01_R12 - Remote Code Execution
by Todor Donev
xtcModified 1.05 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities
by AutoSec Tools
Pragyan CMS 3.0 Beta - Multiple Cross-Site Scripting Vulnerabilities
by High-Tech Bridge SA
phpWebSite 1.7.1 - 'local' Cross-Site Scripting
by AutoSec Tools
Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities
by AutoSec Tools
By Source