Writeup Exploits

63,687 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-28454 WRITEUP MEDIUM
limbas 4.3.36.1319 - Cross-Site Scripting
Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS).
CVSS 6.1
CVE-2022-28477 WRITEUP MEDIUM
WBCE CMS 1.5.2 - Cross-Site Scripting
WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS).
CVSS 6.1
CVE-2022-28506 WRITEUP MEDIUM
giflib 5.2.1 - Heap-Based Buffer Overflow in DumpScreen2RGB
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
CVSS 5.5
CVE-2022-28508 WRITEUP MEDIUM
MantisBT < 2.25.2 - Stored Cross-Site Scripting via Unescaped Return Parameter
An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.
CVSS 6.1
CVE-2022-28545 WRITEUP MEDIUM
FUDforum 3.1.1 - Stored Cross-Site Scripting
FUDforum 3.1.1 is vulnerable to Stored XSS.
CVSS 5.4
CVE-2022-28598 WRITEUP MEDIUM
Frappe ERPNext 12.29.0 - Stored Cross-Site Scripting
Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVSS 6.1
CVE-2022-28927 WRITEUP CRITICAL
subconverter v0.7.2 - Remote Code Execution via Crafted Config and URL Parameters
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute arbitrary code via crafted config and url parameters.
CVSS 9.8
CVE-2022-28944 WRITEUP HIGH
EMCO Software products < various - RCE
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.
CVSS 8.8
CVE-2022-28959 WRITEUP MEDIUM
SPIP < 3.1.13 - Cross-Site Scripting in /spip.php
Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web scripts or HTML.
CVSS 6.1
CVE-2022-28960 WRITEUP HIGH
SPIP < 3.2.8 - Remote Code Execution via _oups Parameter
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.
CVSS 8.8
CVE-2022-28961 WRITEUP HIGH
Spip Web Framework <v3.1.13 - SQL Injection
Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters.
CVSS 8.8
CVE-2022-28987 WRITEUP MEDIUM
Zoho ManageEngine ADSelfService Plus <6.2.02 - Info Disclosure
Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.
CVSS 5.3
CVE-2022-2884 WRITEUP CRITICAL
GitLab CE/EE <15.1.5-15.3.1 - Authenticated RCE
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint
CVSS 9.9
CVE-2022-29004 WRITEUP MEDIUM
e-diary_management_system v1.0 - Cross-Site Scripting via Name Parameter in search-result.php
Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php.
CVSS 6.1
CVE-2022-29005 WRITEUP MEDIUM
Online Birth Certificate System v1.2 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.
CVSS 6.1
CVE-2022-29006 WRITEUP CRITICAL
Directory Management System v1.0 - SQL Injection
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.
CVSS 9.8
CVE-2022-29007 WRITEUP CRITICAL
Dairy Farm Shop Management System v1.0 - SQL Injection
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.
CVSS 9.8
CVE-2022-29008 WRITEUP MEDIUM
Bus Pass Management System v1.0 - Info Disclosure
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.
CVSS 6.5
CVE-2022-29009 WRITEUP CRITICAL
Cyber Cafe Management System Project v1.0 - SQL Injection
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.
CVSS 9.8
CVE-2022-29181 WRITEUP HIGH
Nokogiri <1.13.6 - Memory Corruption
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
CVSS 8.2
CVE-2022-29181 WRITEUP HIGH
Nokogiri <1.13.6 - Memory Corruption
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
CVSS 8.2
CVE-2022-29191 WRITEUP MEDIUM
TensorFlow < 2.6.4 - Denial of Service via GetSessionTensor Input Validation
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
CVSS 5.5
CVE-2022-29192 WRITEUP MEDIUM
TensorFlow < 2.6.4 - Denial of Service via QuantizeAndDequantizeV4Grad Input Validation
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
CVSS 5.5
CVE-2022-29193 WRITEUP MEDIUM
TensorFlow < 2.6.4 - Denial of Service via TensorSummaryV2 Input Validation
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
CVSS 5.5
CVE-2022-29194 WRITEUP MEDIUM
TensorFlow < 2.6.4 - Denial of Service via tf.raw_ops.DeleteSessionTensor Input Validation
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
CVSS 5.5