Writeup Exploits

63,530 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-26723 WRITEUP MEDIUM
Jenzabar 9.2.0-9.2.2 - Cross-Site Scripting via Search Query Parameter
Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.
CVSS 6.1
CVE-2021-27190 WRITEUP MEDIUM
PEEL SHOPPING 9.3.0 and 9.4.0 - Stored Cross-Site Scripting via Polyglot Payload
A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an attacker to input malicious JavaScript which can steal cookie, redirect them to other malicious website, etc.
CVSS 5.4
CVE-2021-27237 WRITEUP MEDIUM
BlackCat CMS 1.3.6 - Stored Cross-Site Scripting via Display Name Field
The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.
CVSS 4.8
CVE-2021-27237 WRITEUP MEDIUM
BlackCat CMS 1.3.6 - Stored Cross-Site Scripting via Display Name Field
The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.
CVSS 4.8
CVE-2020-25878 WRITEUP MEDIUM
BlackCat CMS 1.3.6 - Authenticated Stored Cross-Site Scripting via Admin-Tools Output Filters and Droplets
A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the 'Output Filters' and 'Droplets' modules.
CVSS 4.8
CVE-2020-25877 WRITEUP MEDIUM
BlackCat CMS 1.3.6 - Authenticated Stored Cross-Site Scripting via Add Page Title Parameter
A stored cross site scripting (XSS) vulnerability in the 'Add Page' feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Title' parameter.
CVSS 5.4
CVE-2020-25453 WRITEUP HIGH
BlackCat CMS < 1.4 - Cross-Site Request Forgery Bypass
An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbitrary code execution.
CVSS 8.8
CVE-2018-10821 WRITEUP MEDIUM
BlackCatCMS 1.3 - Authenticated Stored Cross-Site Scripting in Search Panel
Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel.
CVSS 4.8
CVE-2018-10821 WRITEUP MEDIUM
BlackCatCMS 1.3 - Authenticated Stored Cross-Site Scripting in Search Panel
Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel.
CVSS 4.8
CVE-2017-9609 WRITEUP MEDIUM
Blackcat CMS 1.2 - Authenticated Cross-Site Scripting via map_language Parameter
Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.
CVSS 5.4
CVE-2015-5521 WRITEUP MEDIUM
BlackCat CMS 1.1.2 - Stored Cross-Site Scripting via Group Name Parameter
Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the name in a new group to backend/groups/index.php.
CVSS 4.8
CVE-2021-27291 WRITEUP HIGH
Pygments 1.1-2.7.3 - Denial of Service via Inefficient Regular Expression Complexity
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service.
CVSS 7.5
CVE-2021-27292 WRITEUP HIGH
ua-parser-js 0.7.14-0.7.23 - Denial of Service via Malicious User-Agent Header
ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.
CVSS 7.5
CVE-2021-27338 WRITEUP MEDIUM
Faraday Edge < 3.7 - Cross-Site Scripting via Network Name Parameter
Faraday Edge before 3.7 allows XSS via the network/create/ page and its network name parameter.
CVSS 5.4
CVE-2021-27342 WRITEUP MEDIUM
D-Link Router DIR-842 v3.0.2 - Auth Bypass
An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack
CVSS 5.9
CVE-2021-27358 WRITEUP HIGH
Grafana 6.7.3-7.4.1 - Unauthenticated Denial of Service via Snapshot API
The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
CVSS 7.5
CVE-2021-27403 WRITEUP MEDIUM
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 - Cross-Site Scripting via curWebPage Parameter
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.
CVSS 6.1
CVE-2021-27404 WRITEUP MEDIUM
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 - Open Redirect via Host Header Injection
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.
CVSS 6.1
CVE-2021-27513 WRITEUP HIGH
EyesOfNetwork 5.3-10 - Authenticated Unrestricted Upload of Dangerous File Type
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
CVSS 8.8
CVE-2021-27545 WRITEUP MEDIUM
PHPGurukul Beauty Parlour Mgmt <1.0 - SQL Injection
SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.
CVSS 6.5
CVE-2021-27815 WRITEUP MEDIUM
exif < 0.6.22 - Denial of Service via Malicious JPEG File
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
CVSS 5.5
CVE-2021-27885 WRITEUP HIGH
e107 < 2.3.0 - Cross-Site Request Forgery via usersettings.php
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
CVSS 8.8
CVE-2021-27902 WRITEUP MEDIUM
Craft CMS < 3.6.0 - Cross-Site Scripting via Front-End Form User Uploads
An issue was discovered in Craft CMS before 3.6.0. In some circumstances, a potential XSS vulnerability existed in connection with front-end forms that accepted user uploads.
CVSS 6.1
CVE-2021-27903 WRITEUP CRITICAL
Craft CMS < 3.6.7 - Remote Code Execution via Administrative Session Hijack
An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes (if an attacker were somehow able to hijack an administrator's session).
CVSS 9.8
CVE-2021-27964 WRITEUP CRITICAL
SonLogger - Arbitrary File Upload
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file.
CVSS 9.8