webraybtl

60 exploits Active since Mar 2022
CVE-2022-24934 NOMISEC CRITICAL WORKING POC
Wps Office < 11.2.0.10382 - Remote Code Execution
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.
20 stars
CVSS 9.8
CVE-2023-40031 NOMISEC HIGH WRITEUP
Notepad-plus-plus Notepad++ < 8.5.6 - Heap Buffer Overflow
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++.
15 stars
CVSS 7.8
CVE-2023-27363 NOMISEC HIGH WRITEUP
Foxit Pdf Editor < 10.1.11.37866 - Remote Code Execution
Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportXFAData method. The application exposes a JavaScript interface that allows writing arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19697.
11 stars
CVSS 7.8
CVE-2022-25943 NOMISEC HIGH WORKING POC
Kingsoft Wps Office < 11.2.0.10258 - Incorrect Default Permissions
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed.
6 stars
CVSS 7.8
CVE-2022-1068 NOMISEC MEDIUM STUB
Modbustools Modbus Slave < 7.4.3 - Out-of-Bounds Write
Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used.
3 stars
CVSS 5.5
CVE-2022-1086 WRITEUP LOW WRITEUP
Dolphinphp < 1.5.0 - XSS
A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2022-1087 WRITEUP LOW WRITEUP
Htmly - XSS
A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires an authentication. A simple POC has been disclosed to the public and may be used.
CVSS 3.5
CVE-2022-1503 WRITEUP LOW WRITEUP
Get-simple Getsimple Cms - XSS
A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /admin/edit.php of the Content Module. The manipulation of the argument post-content with an input like <script>alert(1)</script> leads to cross site scripting. The attack may be launched remotely but requires authentication. Expoit details have been disclosed within the advisory.
CVSS 3.5
CVE-2022-1590 WRITEUP LOW WRITEUP
Bludit - XSS
A vulnerability was found in Bludit 3.13.1. It has been declared as problematic. This vulnerability affects the endpoint /admin/new-content of the New Content module. The manipulation of the argument content with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2022-1817 WRITEUP LOW WRITEUP
Badminton Center Management System - XSS
A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input </td><img src="" onerror="alert(1)"><td>1 leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.
CVSS 3.5
CVE-2022-2017 WRITEUP MEDIUM WRITEUP
Prison Management System - SQL Injection
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/view_visit.php of the component Visit Handler. The manipulation of the argument id with the input 2%27and%201=2%20union%20select%201,2,3,4,5,6,7,user(),database()--+ leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 4.7
CVE-2022-2018 WRITEUP MEDIUM WRITEUP
Prison Management System - SQL Injection
A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. Affected is an unknown function of the file /admin/?page=inmates/view_inmate of the component Inmate Handler. The manipulation of the argument id with the input 1%27%20and%201=2%20union%20select%201,user(),3,4,5,6,7,8,9,0,database(),2,3,4,5,6,7,8,9,0,1,2,3,4--+ leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 4.7
CVE-2022-2019 WRITEUP HIGH WRITEUP
Prison Management System - Improper Authorization
A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2022-2020 WRITEUP LOW WRITEUP
Prison Management System - XSS
A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=system_info of the component System Name Handler. The manipulation with the input <img src="" onerror="alert(1)"> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 2.4
CVE-2022-2086 WRITEUP MEDIUM WRITEUP
Bank Management System - SQL Injection
A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1'and 1=2 union select 1,sleep(10),3,4,5 --+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2022-2087 WRITEUP LOW WRITEUP
Bank Management System - XSS
A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2022-2418 WRITEUP HIGH WRITEUP
Eveo Urve Web Manager - Unrestricted File Upload
A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used.
CVSS 8.0
CVE-2022-2419 WRITEUP HIGH WRITEUP
Eveo Urve Web Manager - Unrestricted File Upload
A vulnerability was found in URVE Web Manager. It has been declared as critical. This vulnerability affects unknown code of the file _internal/collector/upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used.
CVSS 8.0
CVE-2022-2420 WRITEUP HIGH WRITEUP
Eveo Urve Web Manager - Unrestricted File Upload
A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file _internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.
CVSS 8.0
CVE-2022-2486 WRITEUP HIGH WRITEUP
Wavlink Wl-wn535k2 Firmware - OS Command Injection
A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used.
CVSS 8.0
CVE-2022-2487 WRITEUP HIGH WRITEUP
Wavlink Wl-wn535k2 Firmware - OS Command Injection
A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used.
CVSS 8.0
CVE-2022-2488 WRITEUP HIGH WRITEUP
Wavlink Wl-wn535k2 Firmware - OS Command Injection
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used.
CVSS 8.0
CVE-2022-2577 WRITEUP MEDIUM WRITEUP
SourceCodester Garage Management System 1.0 - SQL Injection
A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2'%20UNION%20select%2011,user(),333,444--+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2022-2578 WRITEUP MEDIUM WRITEUP
SourceCodester Garage Management System 1.0 - Info Disclosure
A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2022-2579 WRITEUP LOW WRITEUP
SourceCodester Garage Management System 1.0 - XSS
A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src="" onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5