Text Exploits

31,386 exploits tracked across all sources.

CVE-2021-40352 EXPLOITDB MEDIUM text
OpenEMR 6.0.0 - Unauthenticated Insecure Direct Object Reference via pnotes_print.php noteid Parameter
OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages of all users.
by Allen Enosh Upputori
CVSS 6.5
CVE-2021-47792 EXPLOITDB HIGH text
Remote Mouse 4.002 - Privilege Escalation
Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access.
by Salman Asad
CVSS 7.8
CVE-2021-40651 EXPLOITDB MEDIUM text
OS4Ed OpenSIS Community 8.0 - Info Disclosure
OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary files from the server's filesystem as long as the application has access to the file.
by Eric Salario
CVSS 6.5
CVE-2022-43138 EXPLOITDB CRITICAL text
Dolibarr Open Source ERP & CRM <14.0.1 - Privilege Escalation
Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.
by Vishwaraj Bhattrai
CVSS 9.8
CVE-2021-40309 EXPLOITDB HIGH text
OpenSIS 8.0 - Authenticated SQL Injection via cp_id_miss_attn Parameter
A SQL injection vulnerability exists in the Take Attendance functionality of OS4Ed's OpenSIS 8.0 that allows an attacker to inject their own SQL query. The cp_id_miss_attn parameter from TakeAttendance.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request as a user with access to "Take Attendance" functionality to trigger this vulnerability.
by Eric Salario
CVSS 8.8
EIP-2026-113694 EXPLOITDB text VERIFIED
WordPress Plugin Duplicate Page 4.4.1 - Stored Cross-Site Scripting (XSS)
by Nikhil Kapoor
EIP-2026-104505 EXPLOITDB text
WPanel 4.3.1 - Remote Code Execution (RCE) (Authenticated)
by Sentinal920
CVE-2021-40379 EXPLOITDB HIGH text
Compro IP70, IP570, IP60, TN540 Firmware - Unauthenticated RTSP Stream Access
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. rstp://.../medias2 does not require authorization.
by icekam
CVSS 7.5
CVE-2021-40380 EXPLOITDB HIGH text
Compro IP70 IP570 IP60 TN540 Firmware - Credential Disclosure via cameralist.cgi and setcamera.cgi
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. cameralist.cgi and setcamera.cgi disclose credentials.
by icekam
CVSS 7.5
CVE-2021-40378 EXPLOITDB HIGH text
Compro IP70 IP570 IP60 TN540 Firmware - Unauthenticated Denial of Service via killps.cgi
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device.
by icekam
CVSS 8.1
CVE-2021-40382 EXPLOITDB HIGH text
Compro IP70/IP570/TN540 <2.08 - Info Disclosure
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. mjpegStreamer.cgi allows video screenshot access.
by icekam
CVSS 7.5
CVE-2021-40381 EXPLOITDB HIGH text
Compro IP70/IP570/IP60/TN540 <2.08 - Info Disclosure
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. index_MJpeg.cgi allows video access.
by icekam
CVSS 7.5
CVE-2021-47948 EXPLOITDB MEDIUM text VERIFIED
WordPress GetPaid Plugin 2.4.6 HTML Injection via Help Text
WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject arbitrary HTML code by exploiting the Help Text field in payment forms. Attackers can inject malicious HTML including image tags and scripts into the Help Text field during payment form creation, which gets stored in the database and executed in the browser when the form is viewed.
by Niraj Mahajan
CVSS 5.4
CVE-2021-47947 EXPLOITDB MEDIUM text
Projectsend r1295 Stored Cross-Site Scripting via files-edit.php
Projectsend r1295 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input in the 'name' parameter of files-edit.php. Attackers can inject JavaScript payloads through the file name field that execute in the browser when the file is viewed by other users, particularly affecting System Administrator users on the Dashboard page.
by Abdullah Kala
CVSS 6.4
CVE-2025-3146 EXPLOITDB HIGH text VERIFIED
PHPGurukul Bus Pass Management System 1.0 - SQL Injection via viewid Parameter
A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by Aryan Chehreghani
CVSS 7.3
CVE-2021-47719 EXPLOITDB HIGH text
COMMAX WebViewer ActiveX Control 2.1.4.5 - Buffer Overflow
COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in Commax_WebViewer.ocx to cause buffer overflow conditions and potentially gain code execution.
by LiquidWorm
CVE-2021-47705 EXPLOITDB HIGH text
COMMAX UMS Client ActiveX Control 1.7.0.2 - Buffer Overflow
COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNC_Ctrl.dll to cause heap corruption and potentially gain system-level access.
by LiquidWorm
CVE-2021-47978 EXPLOITDB MEDIUM text
ProcessMaker 3.5.4 Local File Inclusion via Path Traversal
ProcessMaker 3.5.4 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting improper path traversal validation. Attackers can send requests with directory traversal sequences to access sensitive system files like /etc/passwd without authentication.
by Ai Ho
CVSS 6.2
EIP-2026-112126 EXPLOITDB text
Simple Phone Book 1.0 - 'Username' SQL Injection (Unauthenticated)
by Justin White
EIP-2026-110193 EXPLOITDB text
Online Traffic Offense Management System 1.0 - 'id' SQL Injection (Authenticated)
by Justin White
EIP-2026-109073 EXPLOITDB text
Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
by Azumah Foresight Xorlali
EIP-2026-109072 EXPLOITDB text
Laundry Booking Management System 1.0 - 'Multiple' SQL Injection
by Azumah Foresight Xorlali
EIP-2026-105814 EXPLOITDB text
Charity Management System CMS 1.0 - Multiple Vulnerabilities
by Davide Taraschi
EIP-2026-106238 EXPLOITDB text
Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticated)
by Davide Taraschi
EIP-2026-106198 EXPLOITDB text
COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections
by Halit AKAYDIN