Exploit Database
144,390 exploits tracked across all sources.
Concrete CMS 9.2.0-9.2.2 - Cross-Site Scripting via Tags Settings
A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.
CVSS 5.4
Concrete CMS 9.2.1 - Arbitrary File Upload and Cross-Site Scripting via Thumbnail File Upload
Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is supposed to know that "pdf" should be excluded from the allowed file types, even though pdf is one of the allowed file types in the default configuration.
CVSS 5.4
Concrete CMS < 9.2.3 - Stored Cross-Site Scripting via Name Parameter during Installation
A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings).
CVSS 5.4
Concrete CMS 8.5.12 and below, 9.0-9.2.1 - Stored Cross-Site Scripting via Plural Handle of Data Objects
A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 through 9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.
CVSS 5.4
Concrete CMS 9.2.1 - Stored Cross-Site Scripting in SEO Extra Field
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature.
CVSS 4.8
RiteCMS 3.0 - Stored Cross-Site Scripting via SVG File Upload
A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content.
CVSS 4.8
Zenario CMS 9.4.59197 - Cross-Site Scripting via Spare Aliases from Alias
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias.
CVSS 5.4
Zenario CMS 9.4.59197 - Cross-Site Scripting via Spare Aliases from Alias
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias.
CVSS 5.4
Zenario CMS 9.4.59197 - Cross-Site Scripting via Organizer Spare Alias
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.
CVSS 5.4
Zenario CMS 9.4.59197 - Stored Cross-Site Scripting in Page Layout
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout.
CVSS 5.4
c3crm <= 3.0.4 - Cross-Site Scripting via Login Error Parameter
A cross-site scripting (XSS) vulnerability in the component /Login.php of c3crm up to v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login_error parameter.
CVSS 7.1
Koha Library Software < 23.05.04 - Arbitrary File Read via Cover Image Upload
File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component.
CVSS 5.3
jeecg/jimureport < 1.6.1 - Server-Side Template Injection in Template Handler
A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-237571.
CVSS 6.3
XWiki OAuth Identity < 1.6 - Remote Code Execution via OAuth Login Parameter Injection
com.xwiki.identity-oauth:identity-oauth-ui is a package to aid in building identity and service providers based on OAuth authorizations. When a user logs in via the OAuth method, the identityOAuth parameters sent in the GET request is vulnerable to cross site scripting (XSS) and XWiki syntax injection. This allows remote code execution via the groovy macro and thus affects the confidentiality, integrity and availability of the whole XWiki installation. The issue has been fixed in Identity OAuth version 1.6. There are no known workarounds for this vulnerability and users are advised to upgrade.
CVSS 10.0
web2py < 2.24.1 - OS Command Injection via notifySendHandler Logging
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server using the product.
CVSS 9.8
mojotv/base64captcha < 1.3.6 - Insufficient Verification of Data Authenticity in Verify Function
When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.
CVSS 5.3
QAD Search Server <= 1.0.0.315 - Unauthenticated Stored Cross-Site Scripting via Index Name
The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute whenever a user accesses the search page.
CVSS 5.4
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn - Stack Overflow via list Parameter in sub_49E098
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.
CVSS 9.8
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn - Stack Overflow via src Parameter in sub_47D878
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
CVSS 9.8
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn - Stack-based Buffer Overflow via SetFirewallCfg FirewallEn Parameter
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.
CVSS 9.8
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn - Stack Overflow via urls Parameter in get_parentControl_list_Info
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
CVSS 9.8
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn - Stack Overflow via compare_parentcontrol_time Function
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.
CVSS 9.8
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn - Stack Overflow via shareSpeed Parameter in fromSetWifiGuestBasic
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.
CVSS 9.8
Macs CMS 1.1.4f - SQL Injection via Multiple Endpoints
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints.
CVSS 5.3
Jorani Leave Management System 1.0.3 - Stored Cross-Site Scripting via Leave Request Comment Field
An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page.
CVSS 6.5
By Source