Writeup Exploits

63,730 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-37061 WRITEUP CRITICAL
FLIR AX8 Firmware <= 1.46.16 - Remote Command Injection via res.php id Parameter
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
CVSS 9.8
CVE-2022-37061 WRITEUP CRITICAL
FLIR AX8 Firmware <= 1.46.16 - Remote Command Injection via res.php id Parameter
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
CVSS 9.8
CVE-2022-37109 WRITEUP CRITICAL
camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.
CVSS 9.8
CVE-2022-37109 WRITEUP CRITICAL
camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.
CVSS 9.8
CVE-2022-37189 WRITEUP HIGH
DDMAL MEI2Volpiano < 0.8.2 - XML External Entity Injection via xml.etree Library
DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), leading to a Denial of Service. This occurs due to the usage of the unsafe 'xml.etree' library to parse untrusted XML input.
CVSS 7.5
CVE-2022-37201 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 8.8
CVE-2022-37201 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 8.8
CVE-2022-37202 WRITEUP HIGH
jfinal_cms 5.1.0 - SQL Injection via /admin/advicefeedback/list
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list
CVSS 8.8
CVE-2022-37202 WRITEUP HIGH
jfinal_cms 5.1.0 - SQL Injection via /admin/advicefeedback/list
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list
CVSS 8.8
CVE-2022-37203 WRITEUP CRITICAL
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 9.8
CVE-2022-37203 WRITEUP CRITICAL
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 9.8
CVE-2022-37204 WRITEUP CRITICAL
jfinal_cms 5.1.0 - SQL Injection
Final CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 9.8
CVE-2022-37204 WRITEUP CRITICAL
jfinal_cms 5.1.0 - SQL Injection
Final CMS 5.1.0 is vulnerable to SQL Injection.
CVSS 9.8
CVE-2022-37205 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
CVE-2022-37205 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
CVE-2022-37207 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection
CVSS 8.8
CVE-2022-37207 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection
CVSS 8.8
CVE-2022-37208 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
CVE-2022-37209 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
CVE-2022-37209 WRITEUP HIGH
JFinal CMS 5.1.0 - SQL Injection
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVSS 8.8
CVE-2022-37257 WRITEUP CRITICAL
stealjs steal - Prototype Pollution via npm-convert.js requestedVersion Variable
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js.
CVSS 9.8
CVE-2022-37258 WRITEUP CRITICAL
stealjs steal - Prototype Pollution via packageName Variable in npm-convert.js
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js.
CVSS 9.8
CVE-2022-37259 WRITEUP HIGH
stealjs steal 2.2.4 - Regular Expression Denial of Service via String Variable in babel.js
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the string variable in babel.js.
CVSS 7.5
CVE-2022-37260 WRITEUP HIGH
stealjs steal 2.2.4 - Regular Expression Denial of Service via Input Variable
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the input variable in main.js.
CVSS 7.5
CVE-2022-37262 WRITEUP HIGH
stealjs steal 2.2.4 - Regular Expression Denial of Service via source and sourceWithComments Variable
A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js.
CVSS 7.5