Nomisec Exploits
21,551 exploits tracked across all sources.
Nabz Image Gallery <v1.00 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabajit Roy Nabz Image Gallery nabz-image-gallery allows SQL Injection.This issue affects Nabz Image Gallery: from n/a through <= v1.00.
by RandomRobbieBF
CVSS 9.3
Richteam Share Buttons - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in richteam Share Buttons – Social Media rich-web-share-button allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through <= 1.0.2.
by RandomRobbieBF
CVSS 9.3
Meowapps AI Engine < 1.9.99 - Unrestricted File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98.
by Nxploited
CVSS 10.0
Amol Nirmala Waman Navayan CSV Export <1.0.9 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Amol Nirmala Waman Navayan CSV Export navayan-csv-export allows Blind SQL Injection.This issue affects Navayan CSV Export: from n/a through <= 1.0.9.
by RandomRobbieBF
Sogrid <1.5.6 - Path Traversal
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sabri Sogrid sogrid allows PHP Local File Inclusion.This issue affects Sogrid: from n/a through <= 1.5.6.
by RandomRobbieBF
CVSS 7.5
Microsoft Windows 10 1507 < 10.0.10240.20857 - Out-of-Bounds Read
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
by barcrange
Watchguard Fireware < 11.2.1 - XXE
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox.
by itzexploit
CVSS 5.3
Jenkins cli Ampersand Replacement Arbitrary File Read
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
by Marouane133
Edimax Re11s Firmware - Command Injection
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept.
by passwa11
CVSS 9.8
SimplCommerce - Improper Access Control
An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the product.
by AbdullahAlmutawa
CVSS 7.5
SimplCommerce - Info Disclosure
A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as the system fails to accurately track inventory under high concurrency, resulting in potential loss and unfulfilled orders.
by AbdullahAlmutawa
CVSS 5.9
SimplCommerce - Buffer Overflow
Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method.
by AbdullahAlmutawa
CVSS 9.8
Microsoft Windows 10 1507 < 10.0.10240.20857 - Out-of-Bounds Read
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
by SafeBreach-Labs
Apache OFBiz forgotPassword/ProgramExport RCE
Incorrect Authorization vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: through 18.12.14.
Users are recommended to upgrade to version 18.12.15, which fixes the issue.
Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints).
by FakesiteSecurity
nssTheme Wp NssUser Register <1.0.0 - Privilege Escalation
Incorrect Privilege Assignment vulnerability in saiful.total Wp NssUser Register wp-nssuser-register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through <= 1.0.0.
by RandomRobbieBF
CVSS 9.8
Microsoft Windows 10 1507 < 10.0.10240.20857 - Integer Overflow
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
by CCIEVoice2009
SoftLab Radio Player <2.0.82 - SSRF
Server-Side Request Forgery (SSRF) vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.83.
by RandomRobbieBF
CVSS 7.2
WalletStation.com Code Generator Pro - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WalletStation Code Generator Pro code-generator-pro allows SQL Injection.This issue affects Code Generator Pro: from n/a through <= 1.2.
by RandomRobbieBF
CVSS 9.3
Mozilla Firefox < 115.16.1 - Use After Free
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
by PraiseImafidon
Webriderz Wr Age Verification <2.0.0 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in robindkumar Wr Age Verification wr-age-verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through <= 2.0.0.
by RandomRobbieBF
CVSS 9.3
Hep Hep Hurra <2.4 - SSRF
Server-Side Request Forgery (SSRF) vulnerability in hurraki Hurrakify hurrakify allows Server Side Request Forgery.This issue affects Hurrakify: from n/a through <= 2.4.
by RandomRobbieBF
CVSS 7.2
Org.springframework Spring-webmvc < 6.1.13 - Path Traversal
Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.
Specifically, an application is vulnerable when both of the following are true:
* the web application uses RouterFunctions to serve static resources
* resource handling is explicitly configured with a FileSystemResource location
However, malicious requests are blocked and rejected when any of the following is true:
* the Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html is in use
* the application runs on Tomcat or Jetty
by wdragondragon
CVSS 7.5
Bangkok Medical Software HOSxP XE <4.64.11.3 - Info Disclosure
Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV pair in the HOSxPXE4.exe and HOS-WIN32.INI components. This allows attackers to access sensitive information.
by Safecloudth
Themeum Tutor Lms < 2.7.6 - SQL Injection
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up to, and including, 2.7.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
by k0ns0l
Liquidweb Restrict Content < 3.2.7 - Information Disclosure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions.
by Nxploited
CVSS 5.3
By Source