Text Exploits
31,386 exploits tracked across all sources.
Genexis Platinum 4410 V2-1.28 - Cross-Site Request Forgery
Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router.
by Mohammed Farhan
CVSS 6.5
Project Worlds Online Examination System 1.0 - XSS
XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field
by Nikhil Kumar
CVSS 6.1
Mailman 1.x > 2.1.23 - Cross Site Scripting (XSS)
by Valerio Alessandroni
Program Access Controller 1.2.0.0 - Privilege Escalation
Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
by Mohammed Alshehri
CVSS 7.8
Prey 1.9.6 - Unquoted Service Path Privilege Escalation via CronService
Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot.
by Ömer Tuygun
CVSS 7.8
IP Watcher 3.0.0.30 - Code Injection
IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges during service startup.
by Mohammed Alshehri
CVSS 7.8
EPSON 1.124 - Unquoted Service Path Privilege Escalation in SENADB Service
EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\ to inject malicious executables that will run with LocalSystem permissions.
by İsmail Önder Kaya
CVSS 7.8
Oracle Business Intelligence Enterprise Edition - Info Disclosure
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
by Ivo Palazzolo
CVSS 7.5
Blueman < 2.1.4 - Command Injection via DhcpClient D-Bus Method
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. That is limited to users in the wheel group in the shipped rules file that do have the privileges anyway. On systems with ISC DHCP client (dhclient), attackers can pass arguments to `ip link` with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program. On systems with dhcpcd and without ISC DHCP client, attackers can even run arbitrary scripts by passing `-c/path/to/script` as an interface name. Patches are included in 2.1.4 and master that change the DhcpClient D-Bus method(s) to accept BlueZ network object paths instead of network interface names. A backport to 2.0(.8) is also available. As a workaround, make sure that Polkit-1-support is enabled and limit privileges for the `org.blueman.dhcp.client` action to users that are able to run arbitrary commands as root anyway in /usr/share/polkit-1/rules.d/blueman.rules.
by Vaisha Bernard
CVSS 7.1
TDM Digital Signage PC Player 4.1.0.4 - Privilege Escalation
TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.
by LiquidWorm
CVSS 8.8
Adtec Digital SignEdje <2.08.28 - Unauthenticated RCE
Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions.
by LiquidWorm
CVSS 7.5
Client Management System 1.0 - 'searchdata' SQL injection
by Serkan Sancar
ReQuest Serious Play F3 Media Server <7.0.3.4968 - DoS
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 contain a remote denial-of-service vulnerability. The device can be shut down or rebooted by an unauthenticated attacker through a single crafted HTTP GET request, allowing remote interruption of service availability.
by LiquidWorm
PDW File Browser < 1.3 - Authenticated Stored and Reflected Cross-Site Scripting via File Rename and Path Parameters
PDW File Browser version 1.3 contains stored and reflected cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through file rename and path parameters. Attackers can craft malicious URLs or rename files with XSS payloads to execute arbitrary JavaScript in victims' browsers when they access the file browser.
by David Bimmel
CVSS 5.4
ReQuest Serious Play Media Player 3.0 - Info Disclosure
ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local resources.
by LiquidWorm
ReQuest Serious Play F3 Media Server 7.0.3 - RCE
ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on the server.
by LiquidWorm
ReQuest Serious Play F3 Media Server <7.0.3.4968 - Info Disclosure
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running on the device. Attackers can access sensitive information by visiting the message_log page.
by LiquidWorm
Genexis Platinum-4410 Firmware P4410-V2-1.28 - Stored Cross-Site Scripting in WLAN SSID Parameter
Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users.
by Amal Mohandas
CVSS 5.4
Online Health Care System 1.0 - Multiple Cross Site Scripting (Stored)
by Akıner Kısa
Online Library Management System 1.0 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Image Upload
An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).
by Jyotsna Adhana
CVSS 9.8
Gym Management System 1.0 - Stored Cross-Site Scripting via Package Name and Description Fields
Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages via vulnerable fields 'Package Name' and 'Description'.
by Jyotsna Adhana
CVSS 6.1
Gym Management System - SQL Injection
An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.
by Jyotsna Adhana
CVSS 9.8
Car Rental Management System 1.0 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Image Upload
An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root).
by Jyotsna Adhana
CVSS 9.8
User Registration & Login and User Management System 2.1 - SQL Injection
by Ihsan Sencan
By Source