Writeup Exploits

63,731 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-42703 WRITEUP MEDIUM
Linux Kernel < 5.19.7 - Use-After-Free in anon_vma Reuse
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVSS 5.5
CVE-2022-42725 WRITEUP HIGH
Warpinator < 1.2.14 - Directory Traversal via Symbolic Link
Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links.
CVSS 7.5
CVE-2022-42896 WRITEUP HIGH
Linux Kernel < 4.9.335 - Use-After-Free in Bluetooth L2CAP Core
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit  https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url
CVSS 8.0
CVE-2022-43030 WRITEUP HIGH
siyucms v6.1.7 - Remote Code Execution
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the background. SIYUCMS is a content management system based on ThinkPaP5 AdminLTE. SIYUCMS has a background command execution vulnerability, which can be used by attackers to gain server privileges
CVSS 7.2
CVE-2022-43031 WRITEUP HIGH
dedecms v6.1.9 - Cross-Site Request Forgery
DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords.
CVSS 8.8
CVE-2022-43369 WRITEUP MEDIUM
AutoTaxi Stand Management System v1.0 - XSS
AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php.
CVSS 6.1
CVE-2022-4361 WRITEUP CRITICAL
Keycloak < 21.1.2 - Cross-Site Scripting via AssertionConsumerServiceURL or redirect_uri
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri.
CVSS 10.0
CVE-2022-44118 WRITEUP CRITICAL
DedeCMS V6 6.1.9 - Remote Code Execution via file_manage_control.php
dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php.
CVSS 9.8
CVE-2022-44151 WRITEUP CRITICAL
Simple Inventory Management System v1.0 - SQL Injection
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
CVSS 9.8
CVE-2022-44183 WRITEUP CRITICAL
Tenda AC18 V15.03.05.19 - Buffer Overflow
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.
CVSS 9.8
CVE-2022-44244 WRITEUP MEDIUM
Lin-CMS <0.2.1 - Privilege Escalation
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.
CVSS 6.6
CVE-2022-44261 WRITEUP MEDIUM
Avery Dennison Monarch Printer M9855 - XSS
Avery Dennison Monarch Printer M9855 is vulnerable to Cross Site Scripting (XSS).
CVSS 6.1
CVE-2022-44343 WRITEUP HIGH
CRMEB 4.4.4 - Arbitrary File Download
CRMEB 4.4.4 is vulnerable to Any File download.
CVSS 7.5
CVE-2022-44789 WRITEUP HIGH
Artifex MuJS 1.0.0-1.3.x - Remote Code Execution via Crafted JavaScript File
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.
CVSS 8.8
CVE-2022-44789 WRITEUP HIGH
Artifex MuJS 1.0.0-1.3.x - Remote Code Execution via Crafted JavaScript File
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.
CVSS 8.8
CVE-2022-44870 WRITEUP MEDIUM
maccms10 v2022.1000.3032 - Reflected Cross-Site Scripting via AD Management Name Parameter
A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.
CVSS 6.1
CVE-2022-44875 WRITEUP MEDIUM
KioWare < 8.33 - Remote Code Execution via KioUtils.Execute
KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.
CVSS 5.4
CVE-2022-44877 WRITEUP CRITICAL
CWP login.php Unauthenticated RCE
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
CVSS 9.8
CVE-2022-44900 WRITEUP CRITICAL
Py7zr < 0.20.1 - Path Traversal
A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file.
CVSS 9.1
CVE-2022-4407 WRITEUP MEDIUM
phpmyfaq < 3.1.9 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVSS 6.1
CVE-2022-4407 WRITEUP MEDIUM
phpmyfaq < 3.1.9 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVSS 6.1
CVE-2025-67504 WRITEUP CRITICAL
WBCE CMS < 1.6.5 - Weak Password Generation via Insecure rand() Usage
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5.
CVSS 9.1
CVE-2025-67504 WRITEUP CRITICAL
WBCE CMS < 1.6.5 - Weak Password Generation via Insecure rand() Usage
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5.
CVSS 9.1
CVE-2025-66204 WRITEUP HIGH
WBCE CMS < 1.6.5 - Brute-Force Protection Bypass via X-Forwarded-For Header
WBCE CMS is a content management system. Version 1.6.4 contains a brute-force protection bypass where an attacker can indefinitely reset the counter by modifying `X-Forwarded-For` on each request, gaining unlimited password guessing attempts, effectively bypassing all brute-force protection. The application fully trusts the `X-Forwarded-For` header without validating it or restricting its usage. This issue is fixed in version 1.6.5.
CVSS 8.1
CVE-2025-66204 WRITEUP HIGH
WBCE CMS < 1.6.5 - Brute-Force Protection Bypass via X-Forwarded-For Header
WBCE CMS is a content management system. Version 1.6.4 contains a brute-force protection bypass where an attacker can indefinitely reset the counter by modifying `X-Forwarded-For` on each request, gaining unlimited password guessing attempts, effectively bypassing all brute-force protection. The application fully trusts the `X-Forwarded-For` header without validating it or restricting its usage. This issue is fixed in version 1.6.5.
CVSS 8.1