Text Exploits
31,386 exploits tracked across all sources.
CuteNews 1.4.6 and UTF-8 CuteNews < 8b - Authenticated Article Modification via ID Parameter
The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b, when magic_quotes_gpc is disabled, allows remote authenticated users with Journalist or Editor access to bypass administrative moderation and edit previously submitted articles via a modified id parameter in a doeditnews action.
by Andrew Horton
CuteNews 1.4.6 - Cross-Site Scripting via lastusername/mod Parameters and title Parameter
Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) lastusername and (2) mod parameters to index.php; and (3) the title parameter to search.php.
by Andrew Horton
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews < 8b - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to register.php; (2) the user parameter to search.php; the (3) cat_msg, (4) source_msg, (5) postponed_selected, (6) unapproved_selected, and (7) news_per_page parameters in a list action to the editnews module of index.php; and (8) the link tag in news comments. NOTE: some of the vulnerabilities require register_globals to be enabled and/or magic_quotes_gpc to be disabled.
by Andrew Horton
CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b - Stored Cross-Site Scripting via News Article Body
Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the body of a news article in an addnews action.
by Andrew Horton
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews < 8b - Cross-Site Request Forgery via Edit Users Action
Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to hijack the authentication of administrators for requests that create new users, including a new administrator, via an adduser action in the editusers module in index.php.
by Andrew Horton
CutePHP CuteNews <8b - Info Disclosure
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to obtain sensitive information via an invalid date value in the from_date_day parameter to search.php, which reveals the installation path in an error message.
by Andrew Horton
Apache HTTP Server < 2.2.14 - Plaintext Injection via TLS Renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
by Dan Kaminsky
CVSS 9.8
WP-Cumulus < 1.23 - Cross-Site Scripting via Tagcloud Parameter
Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action. Cross-site scripting (XSS) vulnerability in tagcloud.swf in the WP-Cumulus Plug-in before 1.23 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter.
by MustLive
Blender 2.49b - '.blend' Remote Command Execution
by Fernando Russ
Apache Tomcat - Form Authentication 'Username' Enumeration
by D. Matscheko
Apache Tomcat - Cookie Quote Handling Remote Information Disclosure
by John Kew
Apache mod_perl - Cross-Site Scripting via URI Parameter in Apache::Status
Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
by Richard H. Brain
Adobe Acrobat and Reader < 9.2 - Remote Code Execution
Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.
by Felipe Andres Manzano
OpenLDAP 2.3.39 - MODRDN Remote Denial of Service
by Ralf Haferkamp
Linux kernel <2.6.32 - Local Privilege Escalation
The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.
by Akira Fujita
ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new user account via a save action to tvserver/user/user.do, (2) shutdown a virtual machine, (3) start a virtual machine, (4) restart a virtual machine, or (5) schedule an activity.
by Alberto Trivero
PHP 5.3.0 - 'pdflib' Arbitrary File Write
by Sina Yazdanmehr
McAfee IntruShield Network Security Manager < 5.1.11.6 - Cross-Site Scripting via Login.jsp Parameters
Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager (NSM) before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the (1) iaction or (2) node parameter.
by Daniel King
McAfee IntruShield Network Security Manager < 5.1.11.8.1 - Cross-Site Scripting via Session Cookie
McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting (XSS) vulnerability.
by Daniel King
Kingsoft Internet Security 9 - Denial of Service
by Francis Provencher
Blender 2.34, 2.35a, 2.40, 2.49b - Remote Code Execution via ScriptLink SDNA onLoad Action
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.
by Core Security
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1)
by Abysssec
Adobe Shockwave Player < 11.5.1.601 - Heap-Based Buffer Overflow via PlayerVersion Property
Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value.
by Francis Provencher
Xerox Fiery Webtools - SQL Injection
SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter.
by Bernardo Trigo
By Source