Text Exploits
31,383 exploits tracked across all sources.
Hugging Face Transformers MobileViTV2 - Deserialization
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.
by The Kernel Panic
CVSS 8.8
Smart Manager WP <8.28.0 - SQL Injection
The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
by Ivan Spiridonov
CVSS 7.2
phpMyFAQ < 3.2.10 - Unauthenticated File Download via FAQ Record Iframe Embed
phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an <iframe> element without user interaction or explicit consent. Version 3.2.10 fixes the issue.
by Geo
CVSS 4.9
phpmyfaq < 3.1.9 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
by CodeSecLab
CVSS 6.1
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
by LiquidWorm
ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
by LiquidWorm
ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
by LiquidWorm
WooCommerce Customers Manager < 29.7 - Authenticated SQL Injection
The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role.
by Ivan Spiridonov
CVSS 8.1
Teedy 1.11 - Cross-Site Scripting via Management Console
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.
by Ayato Shitomi @ Fore-Z co.ltd
CVSS 8.4
ProConf < 6.1 - Unauthenticated Insecure Direct Object Reference via Paper ID Parameter
In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).
by ub3rsick
CVSS 6.5
Garage Management System v1.0 - XSS
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.
by ub3rsick
CVSS 5.4
ethercreative/logs < 3.0.4 - Path Traversal via actionStream in Controller.php
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.
by ub3rsick
CVSS 4.9
CommScope Ruckus IoT Controller <1.7.1.0 - Privilege Escalation
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account.
by ub3rsick
CVSS 9.8
ASUS ASMB8-iKVM Firmware <= 1.14.51 - Remote Code Execution via SNMP Extension Creation
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.
by ub3rsick
CVSS 9.8
makeplane plane 0.23.1 - Server-Side Request Forgery via Password Recovery
Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password recovery.
by Saud Alenazi
CVSS 9.1
Alkacon OpenCMS 17.0 - Stored Cross-Site Scripting via Author Parameter
A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.
by Siddhartha Naik
CVSS 5.4
XWiki 11.8-15.10.7 - Stored Cross-Site Scripting via Edit Conflict
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By creating a conflict when another user with more rights is currently editing a page, it is possible to execute JavaScript snippets on the side of the other user, which compromises the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 15.10.8 and 16.3.0RC1.
by Siddhartha Naik
CVSS 9.0
Cacti Import Packages RCE
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue.
by D3Ext
CVSS 9.1
ABB Cylon Aspect 3.08.02 (webServerUpdate.php) - Input Validation Config Poisoning
by LiquidWorm
ABB ASPECT, NEXUS, and MATRIX Firmware < 3.08.03 - Denial of Service
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 7.7
IBM i 7.3, 7.4, and 7.5 - Server-Side Request Forgery
IBM i 7.3, 7.4, and 7.5
is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
by hyp3rlinx
CVSS 5.4
IBM i 7.3-7.5 - Authenticated Authentication Bypass via Navigator for i Interface
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i.
by hyp3rlinx
CVSS 4.3
ABB Cylon Aspect 3.08.03 (MapServicesHandler) - Authenticated Reflected XSS
by LiquidWorm
By Source