Writeup Exploits
59,805 exploits tracked across all sources.
vm2: Sandbox Breakout Through Inspect
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.0.
CVSS 9.8
gobgp v4.3.0 - DoS
An out-of-bounds read in the ParseIP6Extended function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
CVSS 7.5
IKUS Rdiffweb <2.10.5 - Privilege Escalation
IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify other users' data and, in some cases, perform privileged actions. This issue may enable cross-tenant access. Fixed in version 2.10.6.
CVSS 8.1
BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SERVERS option. Attackers can exploit incorrect heap buffer allocation calculations in the option_to_env() function to cause denial of service or achieve arbitrary code execution on embedded systems without heap hardening.
CVSS 8.1
Totolink A8000RU cstecgi.cgi setAppFilterCfg OS command injection
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in OS command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
CVSS 9.8
WonderCMS Remote Code Execution
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 through v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
CVSS 6.1
CSZCMS <1.3.0 - XSS
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component.
CVSS 5.4
Binalyze IREC.sys <3.11.0 - RCE
An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver.
CVSS 7.8
Super Store Finder <3.6 - SQL Injection
Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters.
CVSS 9.8
Super Store Finder <3.6 - Info Disclosure
A hard-coded password in Super Store Finder v3.6 allows attackers to access the administration panel.
CVSS 9.8
Student Attendance Management System v1 - XSS
Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php.
CVSS 6.1
Student Attendance Management System v1 - SQL Injection
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
CVSS 8.8
Student Attendance Management System v1 - SQL Injection
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the id, termId, and sessionName parameters.
CVSS 8.8
Student Attendance Management System v1 - SQL Injection
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
CVSS 8.8
Student Attendance Management System v1 - SQL Injection
Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php.
CVSS 8.8
Student Attendance Management System v1 - SQL Injection
Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php.
CVSS 8.8
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
CVSS 9.8
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
CVSS 9.8
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
CVSS 9.8
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
CVSS 9.8
Hospital Management System v4 - XSS
Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.
CVSS 6.1
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.
CVSS 9.8
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters.
CVSS 8.8
Hospital Management System v4 - SQL Injection
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctor_contact parameter in doctorsearch.php.
CVSS 8.8
Cockpit CMS <2.6.3 - RCE
An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file.
CVSS 6.1