Writeup Exploits

63,697 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-41649 WRITEUP CRITICAL
online-shopping-system-advanced - Unauthenticated SQL Injection via cat_id Parameter
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.
CVSS 9.8
CVE-2021-41648 WRITEUP HIGH
online-shopping-system-advanced - Unauthenticated SQL Injection via action.php prId Parameter
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.
CVSS 7.5
CVE-2021-41647 WRITEUP CRITICAL
Online Food Ordering Web App 1.0 - Unauthenticated SQL Injection via Login Username Parameter
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.
CVSS 9.1
CVE-2021-41511 WRITEUP CRITICAL
Lodging Reservation Management System 1.0 - SQL Injection via Login Username/Password Fields
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication.
CVSS 9.8
CVE-2021-38840 WRITEUP CRITICAL
Simple Water Refilling Station Management System 1.0 - SQL Injection
SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.
CVSS 9.8
CVE-2021-38833 WRITEUP CRITICAL
PHPGurukul AVMS <1.0 - SQL Injection
SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. 1.0 allows attackers to execute arbitrary SQL statements and to gain RCE.
CVSS 9.8
CVE-2021-38758 WRITEUP HIGH
Online Catering Reservation System 1.0 - Path Traversal
Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
CVSS 7.5
CVE-2021-38758 WRITEUP HIGH
Online Catering Reservation System 1.0 - Path Traversal
Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
CVSS 7.5
CVE-2021-38758 WRITEUP HIGH
Online Catering Reservation System 1.0 - Path Traversal
Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
CVSS 7.5
CVE-2021-36624 WRITEUP CRITICAL
Phone Shop Sales Management System 1.0 - SQL Injection
Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
CVSS 9.8
CVE-2021-26822 WRITEUP CRITICAL
Teachers Record Management System 1.0 - Unauthenticated SQL Injection via searchteacher Parameter
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.
CVSS 9.8
CVE-2022-31402 WRITEUP MEDIUM
iTop 3.0.1 - Cross-Site Scripting via export-v2.php
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.
CVSS 6.1
CVE-2022-31403 WRITEUP MEDIUM
iTop 3.0.1 - Cross-Site Scripting via ajax.render.php
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php.
CVSS 6.1
CVE-2022-31487 WRITEUP HIGH
Inout Blockchain <1.2.1, <2.2.1 - SQL Injection
Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chart_content/master.php symbol SQL injection.
CVSS 7.5
CVE-2022-31499 WRITEUP CRITICAL
Nortek Linear eMerge E3-Series <0.32-08f - Command Injection
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
CVSS 9.8
CVE-2022-31798 WRITEUP MEDIUM
Nortek Linear eMerge E3-Series < 0.32-07p - Cross-Site Scripting and Session Fixation via CardFormatNo Parameter
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account.
CVSS 6.1
CVE-2022-31799 WRITEUP CRITICAL
Bottle < 0.12.20 - Denial of Service via Early Request Binding Error Handling
Bottle before 0.12.20 mishandles errors during early request binding.
CVSS 9.8
CVE-2022-31854 WRITEUP HIGH
Codoforum 5.1 - Authenticated Arbitrary File Upload via Admin Logo Change
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.
CVSS 7.2
CVE-2022-31889 WRITEUP MEDIUM
osTicket audit_log < 2022-04-21 - Stored Cross-Site Scripting in auditlogs.tmpl.php
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
CVSS 6.1
CVE-2022-31890 WRITEUP CRITICAL
osTicket-plugins audit_log < 2022-04-21 - SQL Injection via order Parameter in getOrder Function
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
CVSS 9.8
CVE-2022-31983 WRITEUP HIGH
Online Fire Reporting System 1.0 - SQL Injection via Request ID Parameter
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=.
CVSS 7.2
CVE-2022-3170 WRITEUP HIGH
Linux Kernel - Out-of-bounds Read via Sound Subsystem ioctl Interface
An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.
CVSS 7.8
CVE-2022-32013 WRITEUP HIGH
Complete Online Job Search System 1.0 - SQL Injection via Admin Category Edit ID Parameter
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category/index.php?view=edit&id=.
CVSS 7.2
CVE-2022-32022 WRITEUP HIGH
Car Rental Management System 1.0 - SQL Injection via Admin Login Endpoint
Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login.
CVSS 7.2
CVE-2022-32074 WRITEUP MEDIUM
osTicket-plugins - Storage-FS < 2022-05-19 - Stored Cross-Site Scripting via SVG File Upload
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVSS 5.4