Writeup Exploits

62,925 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-19368 WRITEUP MEDIUM
Rumpus FTP Web File Manager 8.2.9.1 - XSS
A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
CVSS 6.1
CVE-2019-19383 WRITEUP HIGH
freeFTPd 1.0.8 - Post-Authentication Buffer Overflow via SIZE Command
freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled).
CVSS 8.8
CVE-2019-19384 WRITEUP MEDIUM
FusionPBX 4.4.1 - Cross-Site Scripting via Fax UUID Parameter
A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the fax_uuid parameter.
CVSS 6.1
CVE-2019-19385 WRITEUP MEDIUM
FusionPBX 4.4.1 - Cross-Site Scripting via app_uuid Parameter
A cross-site scripting (XSS) vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the app_uuid parameter.
CVSS 6.1
CVE-2019-19386 WRITEUP MEDIUM
FusionPBX 4.4.1 - Cross-Site Scripting via Voicemail Greeting Edit Parameters
A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/voicemail_greeting_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemail_id parameter.
CVSS 6.1
CVE-2019-19387 WRITEUP MEDIUM
FusionPBX 4.4.1 - Cross-Site Scripting via c Parameter
A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_interactive.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the c parameter.
CVSS 6.1
CVE-2019-19388 WRITEUP MEDIUM
FusionPBX 4.4.1 - Cross-Site Scripting via dialplan_uuid Parameter
A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter.
CVSS 6.1
CVE-2019-19447 WRITEUP HIGH
Linux kernel 5.0.21 - Use After Free
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
CVSS 7.8
CVE-2019-19470 WRITEUP HIGH
TinyWall <2.1.12 - Privilege Escalation
Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13.
CVSS 7.8
CVE-2019-19494 WRITEUP HIGH
Broadcom based cable modems - Buffer Overflow
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.
CVSS 8.8
CVE-2019-19509 WRITEUP HIGH
rConfig 3.9.3 - Authenticated OS Command Injection via ajaxArchiveFiles.php Path Parameter
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.
CVSS 8.8
CVE-2019-19550 WRITEUP HIGH
Senior Rubiweb <6.2.34.28,6.2.34.37 - Auth Bypass
Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL.
CVSS 7.5
CVE-2019-19576 WRITEUP CRITICAL
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
CVSS 9.8
CVE-2019-19576 WRITEUP CRITICAL
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
CVSS 9.8
CVE-2019-19634 WRITEUP CRITICAL
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
CVSS 9.8
CVE-2019-19646 WRITEUP CRITICAL
SQLite < 3.30.1 - Denial of Service via Integrity Check PRAGMA with Generated Columns
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
CVSS 9.8
CVE-2019-19659 WRITEUP HIGH
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery in Web File Manager Edit Accounts
A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.
CVSS 8.8
CVE-2019-19661 WRITEUP MEDIUM
Rumpus FTP Server 8.2.9.1 - Unauthenticated Reflected Cross-Site Scripting via Cookie
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.
CVSS 6.1
CVE-2019-19662 WRITEUP MEDIUM
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery via Web File Manager Account Management
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
CVSS 6.5
CVE-2019-19663 WRITEUP MEDIUM
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Folder Sets Settings
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.
CVSS 6.5
CVE-2019-19664 WRITEUP HIGH
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Web Settings
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
CVSS 7.1
CVE-2019-19665 WRITEUP MEDIUM
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in FTP Settings
A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.
CVSS 6.5
CVE-2019-19666 WRITEUP MEDIUM
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Event Notices Settings
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.
CVSS 4.3
CVE-2019-19667 WRITEUP MEDIUM
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Block Clients Component
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
CVSS 5.4
CVE-2019-19668 WRITEUP MEDIUM
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in File Types Component
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
CVSS 4.3