Writeup Exploits
60,101 exploits tracked across all sources.
Weaver E-cology - Race Condition
A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges
CVSS 9.8
Weaver E-cology - Code Injection
An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges
CVSS 9.8
Weaver E-cology - Path Traversal
E-cology has a directory traversal vulnerability. An attacker can exploit this vulnerability to delete the server directory, causing the server to permanently deny service.
CVSS 6.5
Weaver E-cology - SQL Injection
Weaver Ecology v9.* was discovered to contain a SQL injection vulnerability via the component /mobilemode/Action.jsp?invoker=com.weaver.formmodel.mobile.mec.servlet.MECAction&action=getFieldTriggerValue&searchField=*&fromTable=HrmResourceManager&whereClause=1%3d1&triggerCondition=1&expression=%3d&fieldValue=1.
CVSS 9.8
sunniwell HT3300 <1.0.0.B022.2 - Command Injection
sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updating the software in the HT3300 device, is given the execution mode of sudo NOPASSWD. This program is vulnerable to a command injection vulnerability, which could allow an attacker to pass commands to this program via command line arguments to gain elevated root privileges.
CVSS 9.8
Draytek Vigor2960 Firmware - OS Command Injection
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function.
CVSS 8.0
Emqx Nanomq - Denial of Service
NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors (FDs). This exhaustion triggers a process crash, rendering the broker unable to provide services.
CVSS 7.5
Blackbox AI <1.3.95 - Info Disclosure
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.
CVSS 7.5
Nakivo Backup & Replication Director - Absolute Path Traversal
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).
CVSS 8.6
Tp-link Tl-ipc42c Firmware - Command Injection
TP-Link TL-IPC42C V4.0_20211227_1.0.16 is vulnerable to command injection due to the lack of malicious code verification on both the frontend and backend.
CVSS 8.0
Run.codes <1.5.2 - Info Disclosure
UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability.
CVSS 8.1
Run.codes <1.5.2 - Info Disclosure
UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability.
CVSS 8.1
Run.codes <1.5.2 - Info Disclosure
UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability.
CVSS 8.1
Magisk App < canary 27007 - Privilege Escalation
The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privileges to silently execute arbitrary code in the Magisk app and escalate privileges to root via a crafted package, aka Bug #8279. User interaction is not needed for exploitation.
CVSS 8.4
Orangescrum - XSS
OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into user email due to lack of input validation, which could lead to account takeover.
CVSS 5.4
Razormist Loan Management System - XSS
itsourcecode Loan Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the lastname, firstname, middlename, address, contact_no, email and tax_id parameters in new borrowers functionality on the Borrowers page.
CVSS 5.0
Oretnom23 Packers And Movers Management System - SQL Injection
A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id
CVSS 8.8
Mihula Prodotnetzip < 1.19.0 - Path Traversal
Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 9.8
Maestroerror Php-heic-to-jpg < 1.0.5 - Code Injection
php-heic-to-jpg <= 1.0.5 is vulnerable to code injection (fixed in 1.0.6). An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below.
CVSS 9.8
Aquila-cms Aquilacms < 1.409.20 - SQL Injection
A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.
CVSS 9.8
Inflectra Spirateam - SSRF
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.
CVSS 9.8
Fast5 Prison Management System - Unrestricted File Upload
File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute arbitrary code via the file upload component.
CVSS 8.8
Minecraft mod 'Command Block IDE' <0.4.9 - Privilege Escalation
In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization (CWE-862) allows any user to modify "function" files used by the game when installed on a dedicated server.
CVSS 7.5
Tuzitio Camaleon Cms - XSS
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field.
CVSS 4.8
Blood Bank <1 - XSS
Cross Site Scripting vulnerability in Blood Bank v.1 allows a remote attacker to execute arbitrary code via a crafted script to the login.php component.
CVSS 6.1
By Source