Writeup Exploits
63,730 exploits tracked across all sources.
FLIR AX8 Firmware <= 1.46.16 - Remote Command Injection via res.php id Parameter
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
CVSS 9.8
FLIR AX8 Firmware <= 1.46.16 - Remote Command Injection via res.php id Parameter
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
CVSS 9.8
camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.
CVSS 9.8
camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.
CVSS 9.8
DDMAL MEI2Volpiano < 0.8.2 - XML External Entity Injection via xml.etree Library
DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), leading to a Denial of Service. This occurs due to the usage of the unsafe 'xml.etree' library to parse untrusted XML input.
CVSS 7.5
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 8.8
jfinal_cms 5.1.0 - SQL Injection via /admin/advicefeedback/list
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list
CVSS 8.8
jfinal_cms 5.1.0 - SQL Injection via /admin/advicefeedback/list
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 9.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 9.8
jfinal_cms 5.1.0 - SQL Injection
Final CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 9.8
jfinal_cms 5.1.0 - SQL Injection
Final CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 9.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
stealjs steal - Prototype Pollution via npm-convert.js requestedVersion Variable
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js.
CVSS 9.8
stealjs steal - Prototype Pollution via packageName Variable in npm-convert.js
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js.
CVSS 9.8
stealjs steal 2.2.4 - Regular Expression Denial of Service via String Variable in babel.js
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js.
CVSS 7.5
stealjs steal 2.2.4 - Regular Expression Denial of Service via Input Variable
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the input variable in main.js.
CVSS 7.5
stealjs steal 2.2.4 - Regular Expression Denial of Service via source and sourceWithComments Variable
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js.
CVSS 7.5
By Source