Writeup Exploits

46,870 exploits tracked across all sources.

Sort: Activity Stars
CVE-2025-71276 WRITEUP MEDIUM
Alinto Sogo < 5.12.5 - XSS
SOGo before 5.12.5 is prone to a XSS vulnerability with events, tasks, and contacts categories.
CVSS 6.4
CVE-2026-33550 WRITEUP LOW
SOGo <5.12.5 - OTP Weakness
SOGo before 5.12.5 does not renew the OTP if a user disables/enables it, and has a too short length (only 12 digits instead of the 20 recommended).
CVSS 2.0
CVE-2026-4531 WRITEUP MEDIUM
Free5GC AMF handler.go HandleRegistrationComplete denial of service
A weakness has been identified in Free5GC 4.1.0. Affected is the function HandleRegistrationComplete of the file internal/gmm/handler.go of the component AMF. Executing a manipulation can lead to denial of service. The attack may be performed from remote. This patch is called 52e9386401ce56ea773c5aa587d4cdf7d53da799. It is best practice to apply a patch to resolve this issue.
CVSS 5.3
CVE-2026-4532 WRITEUP MEDIUM
code-projects Simple Food Ordering System Database Backup food.sql file access
A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. It is recommended to change the configuration settings.
CVSS 5.3
CVE-2026-4533 WRITEUP MEDIUM
code-projects Simple Food Ordering System all-tickets.php sql injection
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
CVSS 6.3
CVE-2026-4534 WRITEUP HIGH
Tenda FH451 WrlExtraSet formWrlExtraSet stack-based overflow
A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
CVSS 8.8
CVE-2026-4535 WRITEUP HIGH
Tenda FH451 WrlclientSet stack-based overflow
A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2026-4536 WRITEUP HIGH
Acrel Environmental Monitoring Cloud Platform unrestricted upload
A vulnerability was found in Acrel Environmental Monitoring Cloud Platform 1.1.0. This issue affects some unknown processing. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 7.3
CVE-2026-4537 WRITEUP MEDIUM
Cudy TR1200 ipsec.lua action_ipsec_conn command injection
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading the affected component is advised. The vendor explains, that "some other customer has reported this to us before. And we have fixed this."
CVSS 4.7
CVE-2025-6565 WRITEUP HIGH
Netgear WNCE3001 1.0.0.50 - Buffer Overflow
A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2025-6511 WRITEUP HIGH
Netgear EX6150 1.0.0.46_1.0.76 - Buffer Overflow
A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-6510 WRITEUP HIGH
Netgear EX6100 1.0.2.28_1.1.138 - Buffer Overflow
A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-6292 WRITEUP HIGH
D-Link DIR-825 2.03 - Buffer Overflow
A vulnerability has been found in D-Link DIR-825 2.03 and classified as critical. This vulnerability affects the function sub_4091AC of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-6291 WRITEUP HIGH
D-Link DIR-825 2.03 - Buffer Overflow
A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-6158 WRITEUP HIGH
Dlink Dir-655 Firmware - Memory Corruption
A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-6121 WRITEUP CRITICAL
Dlink Dir-632 Firmware - Memory Corruption
A vulnerability, which was classified as critical, has been found in D-Link DIR-632 FW103B08. Affected by this issue is the function get_pure_content of the component HTTP POST Request Handler. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 9.8
CVE-2025-5969 WRITEUP HIGH
Dlink Dir-632 Firmware - Memory Corruption
A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-5934 WRITEUP HIGH
Netgear Ex3700 Firmware < 1.0.0.88 - Out-of-Bounds Write
A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0.98 is able to address this issue. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2025-5912 WRITEUP HIGH
Dlink Dir-632 Firmware - Memory Corruption
A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2026-4529 WRITEUP HIGH
D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow
A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 8.8
CVE-2026-4530 WRITEUP MEDIUM
apconw Aix-DB terminology_retriever.py sql injection
A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 5.3
CVE-2039-9000002 WRITEUP CRITICAL
TEST FIXTURE: exploitintel vuln-bin <= v1.2.0-vuln - Stack Buffer Overflow in Management Listener
Internal test fixture for EIP, MCP, and forge-runner seeding. Not a real CVE. Simulates a stack-based buffer overflow in the exploitintel vuln-bin management listener before v1.2.1-fixed, with a later test-only regression commit retained for bypass-path exercises.
CVSS 9.8
CVE-2039-9000001 WRITEUP HIGH
TEST FIXTURE: exploitintel vuln-web <= v1.2.0-vuln - Path Traversal Arbitrary File Read
Internal test fixture for EIP, MCP, and forge-runner seeding. Not a real CVE. Simulates an unauthenticated path traversal in the exploitintel vuln-web read action before v1.2.1-fixed, with a later test-only regression route retained for bypass-path exercises.
CVSS 7.5
CVE-2026-4516 WRITEUP MEDIUM
Foundation Agents MetaGPT DataInterpreter write_analysis_code.py injection
A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/write_analysis_code.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 6.3
CVE-2026-4509 WRITEUP MEDIUM
PbootCMS File Upload file.php incomplete blacklist
A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
CVSS 6.3
By Source
All 46,870 Exploitdb 50,130 Writeup 46,870 Nomisec 21,221 Metasploit 3,189 Github 2,316 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,920 python 5,770 c 3,560 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 74 go 43 postscript 25 xml 24