Chocapikk

106 exploits Active since Apr 2017
CVE-2019-19492 NOMISEC CRITICAL WORKING POC
FreeSWITCH <1.10.1 - Info Disclosure
FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml.
CVSS 9.8
CVE-2026-22683 WRITEUP HIGH WORKING POC
Windmill < 1.615.0 Operator Role Missing Authorization Checks RCE
Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability that allows users with the Operator role to perform prohibited entity creation and modification actions via the backend API. Although Operators are documented and priced as unable to create or modify entities, the API does not enforce the Operator restriction on workspace endpoints, allowing an Operator to create and update scripts, flows, apps, and raw_apps. Since Operators can also execute scripts via the jobs API, this allows direct privilege escalation to remote code execution within the Windmill deployment. This vulnerability has existed since the introduction of the Operator role in version 1.56.0.
CVSS 8.8
CVE-2026-23696 WRITEUP CRITICAL WORKING POC
Windmill < 1.603.3 File Ownership Handling SQLi RCE
Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality that allows authenticated attackers to inject SQL through the owner parameter. An attacker can use the injection to read sensitive data such as the JWT signing secret and administrative user identifiers, forge an administrative token, and then execute arbitrary code via the workflow execution endpoints.
CVSS 9.9
CVE-2026-28515 WRITEUP HIGH WORKING POC
openDCIM 23.04 - Privilege Escalation
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this functionality regardless of assigned privileges. In deployments where REMOTE_USER is set without authentication enforcement, the endpoint may be accessible without credentials. This allows unauthorized modification of application configuration.
CVSS 8.8
CVE-2026-28516 WRITEUP HIGH WORKING POC
openDCIM < 23.04 - Authenticated SQL Injection via Config::UpdateParameter
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::UpdateParameter. The install.php and container-install.php handlers pass user-supplied input directly into SQL statements using string interpolation without prepared statements or proper input sanitation. An authenticated user can execute arbitrary SQL statements against the underlying database.
CVSS 8.8
CVE-2026-28517 WRITEUP CRITICAL WORKING POC
openDCIM < 23.04 - OS Command Injection via fac_Config.dot Parameter
openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in report_network_map.php. The application retrieves the 'dot' configuration parameter from the database and passes it directly to exec() without validation or sanitization. If an attacker can modify the fac_Config.dot value, arbitrary commands may be executed in the context of the web server process.
CVSS 9.8