Text Exploits
31,383 exploits tracked across all sources.
ABB ASPECT Enterprise, NEXUS Series, MATRIX Series <3.08.02 - Credentials Disclosure
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 7.5
ABB ASPECT/Enterprise/NEXUS/MATRIX Firmware < 3.08.03 - Remote Code Execution
Improper Input Validation vulnerability allows Remote Code Execution.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 10.0
ABB ASPECT Enterprise and NEXUS/MATRIX Series < 3.08.03 - Cross-Site Scripting
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 9.0
ABB ASPECT Enterprise and NEXUS/MATRIX Series < 3.08.03 - Cross-Site Scripting
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 9.0
ABB ASPECT Enterprise and NEXUS/MATRIX Series < 3.08.03 - Cross-Site Scripting
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 9.0
ABB ASPECT, NEXUS, and MATRIX Series <3.07.02 - Weak Password Reset Rules
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v3.07.02;
MATRIX Series v3.07.02
by LiquidWorm
CVSS 9.4
Silverstripe asset-admin < 5.3.8 - oEmbed Cross-Site Scripting
silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payload to be executed on both the CMS and the front-end of the website. This issue has been addressed in silverstripe/framework version 5.3.8 and users are advised to upgrade. There are no known workarounds for this vulnerability.
by James Nicoll
CVSS 5.4
OpenPanel 0.3.4 - Path Traversal via File Manager Copy and View Functions
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request.
by Korn Chaisuwan_ Charanin Thongudom_ Pongtorn Angsuchotmetee
CVSS 7.5
OpenPanel v0.3.4 - OS Command Injection via Timezone Parameter
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.
by Korn Chaisuwan_ Charanin Thongudom_ Pongtorn Angsuchotmetee
CVSS 9.8
OpenPanel 0.3.4 - Path Traversal via File Manager Copy and View Functions
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to execute a directory traversal via a crafted HTTP request.
by Korn Chaisuwan_ Charanin Thongudom_ Pongtorn Angsuchotmetee
CVSS 7.5
openpanel 0.2.1-0.3.4 - Path Traversal in File Manager File Actions
An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File Actions of File Manager.
by Korn Chaisuwan_ Charanin Thongudom_ Pongtorn Angsuchotmetee
CVSS 9.1
GestioIP 3.5.7 - Stored Cross-Site Scripting via TSIG Key Field
The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks.
by Maximiliano Belino
CVSS 6.1
GestioIP 3.5.7 - Remote Code Execution via Malicious File Upload
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution.
by Maximiliano Belino
CVSS 9.8
GestioIP 3.5.7 - Reflected Cross-Site Scripting via ip_import_acl_csv Request
The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the attacker to execute malicious scripts or exfiltrate data.
by Maximiliano Belino
CVSS 4.8
GestioIP 3.5.7 - Cross-Site Scripting via ip_do_job Request
The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within the application to exploit successfully.
by Maximiliano Belino
CVSS 4.8
GestioIP 3.5.7 - Cross-Site Request Forgery
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious URL, leading to data modification, deletion, or exfiltration.
by Maximiliano Belino
CVSS 8.8
NetMan 204 Missing Authentication for Administrative Functions
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (such as administration.html, administration-commands.html, and configuration.html) to disclose sensitive information including LDAP configuration and active user details, and can invoke privileged UPS control commands — including shutdown, reboot, switch-on-bypass, and battery test — without supplying any credentials.
by Parsa Rezaie Khiabanloo
CVSS 9.8
NetMan 204 Hard-coded Backdoor Credentials
NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SSH services, and reset local user credentials.
by Parsa Rezaie Khiabanloo
CVSS 9.8
Roundcube Webmail < 1.5.7 and 1.6.x < 1.6.7 - Cross-Site Scripting via SVG Animate Attributes
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
by AmirZargham
CVSS 6.1
RosarioSIS < 7.6.1 - Unauthenticated SQL Injection via PortalPollsNotes Votes Parameter
An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php.
by CodeSecLab
CVSS 9.8
phpipam v1.6 - Reflected Cross-Site Scripting via closeClass Parameter
phpipam v1.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter at /subnet-masks/popup.php.
by CodeSecLab
CVSS 6.1
code-projects/anirbandutta9 Content Management System and News-Buzz 1.0 - SQL Injection via user_name Parameter
A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument user_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.
by egsec
CVSS 7.3
MiniCMS 1.1 - Cross-Site Scripting via Date Parameter
MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerability in http://example.org/mc-admin/page.php?date={payload} that can result in code injection.
by CodeSecLab
CVSS 6.1
LearnPress - WordPress LMS Plugin <4.2.7 - SQL Injection
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
by Francisco Moraga (BTshell)
CVSS 10.0
Gnuboard5 <=5.3.2.8 - SQL Injection
SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php.
by CodeSecLab
CVSS 9.8
By Source