Sam

21 exploits Active since Aug 2003
CVE-2016-4442 WRITEUP MEDIUM WRITEUP
Rack-Mini-Profiler <0.10.1 - Info Disclosure
The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
CVSS 5.3
CVE-2018-25262 EXPLOITDB MEDIUM python WORKING POC
Angry IP Scanner for Linux 3.5.3 Denial of Service
Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences Ports tab to trigger an application crash.
CVSS 6.2
CVE-2015-4628 WRITEUP WRITEUP
LimeSurvey < 2.06+ - Authenticated SQL Injection via sid Parameter
SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter.
CVE-2020-7993 WRITEUP MEDIUM WRITEUP
Prototype 1.6.0.1 - Authenticated Ticket Forgery via Email ID Field
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field.
CVSS 4.3
CVE-2022-2821 WRITEUP HIGH WRITEUP
GitHub namelessmc/nameless <2.0.2 - Auth Bypass
Missing Critical Step in Authentication in GitHub repository namelessmc/nameless prior to v2.0.2.
CVSS 7.5
CVE-2025-29784 WRITEUP HIGH WRITEUP
NamelessMC < 2.2.0 - Denial of Service via Forum Search Parameter Length
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality lacks length validation, allowing attackers to submit excessively long search queries. This oversight can lead to performance degradation and potential denial-of-service (DoS) attacks. This issue has been patched in version 2.2.0.
CVSS 7.5
CVE-2025-30158 WRITEUP HIGH WRITEUP
NamelessMC < 2.2.0 - Authenticated Denial of Service via Oversized Iframe Injection
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0.
CVSS 7.1
CVE-2025-30357 WRITEUP HIGH WRITEUP
NamelessMC <2.1.4 - Info Disclosure
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.
CVSS 7.3
CVE-2025-31118 WRITEUP HIGH WRITEUP
NamelessMC < 2.2.0 - Authenticated Uncontrolled Resource Consumption via Forum Quick Reply
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction, resulting in an uncontrolled surge of posts that can disrupt normal operations. This issue has been patched in version 2.2.0.
CVSS 7.1
CVE-2025-31120 WRITEUP MEDIUM WRITEUP
NamelessMC <2.1.4 - Info Disclosure
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count. The application relies on a client-side cookie (nl-topic-[tid]) (or session variable for guests) to determine if a view should be counted. When a client does not provide the cookie, every page request increments the counter, leading to incorrect view metrics. This issue has been patched in version 2.2.0.
CVSS 5.3
CVE-2025-32389 WRITEUP MEDIUM WRITEUP
NamelessMC < 2.1.4 - SQL Injection via Square Bracket GET Parameter Syntax
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC is vulnerable to SQL injection by providing an unexpected square bracket GET parameter syntax. Square bracket GET parameter syntax refers to the structure `?param[0]=a&param[1]=b&param[2]=c` utilized by PHP, which is parsed by PHP as `$_GET['param']` being of type array. This issue has been patched in version 2.1.4.
CVSS 6.5
CVE-2025-54073 WRITEUP HIGH WRITEUP
mcp-package-docs < 0.1.28 - Remote Code Execution via Unsanitized Input in child_process.exec
mcp-package-docs is an MCP (Model Context Protocol) server that provides LLMs with efficient access to package documentation across multiple programming languages and language server protocol (LSP) capabilities. A command injection vulnerability exists in the `mcp-package-docs` MCP Server prior to the fix in commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.exec`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (`|`, `>`, `&&`, etc.). Commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9 in version 0.1.27 contains a fix for the issue, but upgrading to 0.1.28 is recommended.
CVSS 7.5
CVE-2025-54117 WRITEUP CRITICAL WRITEUP
NamelessMC < 2.2.4 - Authenticated Cross-Site Scripting via Dashboard Text Editor
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed in 2.2.4.
CVSS 9.0
CVE-2025-54118 WRITEUP MEDIUM WRITEUP
NamelessMC < 2.2.4 - Unauthenticated Sensitive Information Exposure via List Parameter
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is fixed in 2.2.4.
CVSS 5.3
CVE-2025-54421 WRITEUP HIGH WRITEUP
NamelessMC < 2.2.4 - Authenticated Cross-Site Scripting via Default Keywords Parameter
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords crafted parameter. This vulnerability is fixed in 2.2.4.
CVSS 7.2
CVE-2026-25581 WRITEUP MEDIUM WRITEUP
SCEditor < 3.2.1 - Cross-Site Scripting via Configuration Options
SCEditor is a lightweight WYSIWYG BBCode and XHTML editor. Prior to 3.2.1, if an attacker has the ability control configuration options passed to sceditor.create(), like emoticons, charset, etc. then it's possible for them to trigger an XSS attack due to lack of sanitisation of configuration options. This vulnerability is fixed in 3.2.1.
CVSS 5.4
CVE-2004-0362 EXPLOITDB c WORKING POC
ISS Protocol Analysis Module - Buffer Overflow
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
CVE-2004-0330 EXPLOITDB c WORKING POC
Serv-U File Server < 5.0.0.0 - Authenticated Buffer Overflow via MDTM Command
Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.
CVE-2003-0605 EXPLOITDB c WORKING POC
Windows 2000 SP3-SP4 - Denial of Service and Privilege Escalation via RPC DCOM Interface
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
EIP-2026-118694 EXPLOITDB c WORKING POC
Internet Security Systems Protocol Analysis Module ICQ - Parsing Buffer Overflow
CVE-2003-0584 EXPLOITDB c WORKING POC
BRU < 17.0 - Local Format String Vulnerability via Command Line Argument
Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument.