Writeup Exploits
63,741 exploits tracked across all sources.
Data Illusion Survey Software Solutions ngSurvey <2.4.28 - DoS
Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a "Text Field", "Comment Field" or "Contact Details".
CVSS 7.5
D-Link DIR-846 FW100A53DBR - Remote Command Execution via lan_dhcps_staticlist
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
CVSS 8.8
Tecrail Responsive FileManager <9.9.5 - Code Injection
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution.
CVSS 8.8
Python3-RESTfulAPI - Backdoor Code Execution via request Package
Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS 9.8
Judging Management System v1.0 - XSS
A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter.
CVSS 6.1
Judging Management System v1.0.0 - SQL Injection
Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the username parameter.
CVSS 7.8
NagVis < 1.9.34 - Arbitrary File Read via Hover URL Component
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.
CVSS 9.1
playsms < 1.4.5 - Authentication Bypass via Type Juggling in /auth/fn.php
A type juggling vulnerability in the component /auth/fn.php of PlaySMS v1.4.5 and earlier allows attackers to bypass authentication.
CVSS 9.8
Nighthawk R6220 AC1200 - CRLF Injection
The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
CVSS 6.1
Student Study Center Management System V 1.0 - XSS
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
CVSS 5.4
drachtio-server < 0.8.19 - Denial of Service via Crafted UDP Message
An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that causes a url_canonize2 heap-based buffer over-read because of an off-by-one error.
CVSS 7.5
Maccms10 2021.1000.2000 - Server-Side Request Forgery via Name Parameter
A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.
CVSS 8.8
lxc < 5.0.1 - Information Disclosure via lxc-user-nic Error Messages
lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user has no way of knowing why it failed"; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist.
CVSS 3.3
opencats 0.9.7 - SQL Injection via Import viewerrors importID Parameter
Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.
CVSS 9.8
opencats 0.9.7 - Reflected Cross-Site Scripting via /opencats/index.php?m=settings&a=ajax_tags_upd
Opencats v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /opencats/index.php?m=settings&a=ajax_tags_upd.
CVSS 6.1
OpenCATS 0.9.7 - Stored Cross-Site Scripting in Calendar Description or Title Fields
Opencats v0.9.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields.
CVSS 5.4
Genymotion Desktop 3.3.2 - Uncontrolled Search Path Element via DLL Hijacking
Genymotion Desktop v3.3.2 was discovered to contain a DLL hijacking vulnerability that allows attackers to escalate privileges and execute arbitrary code via a crafted DLL.
CVSS 7.8
Shopware 5.5.10 - Cross-Site Scripting via Recovery/Install URI
Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI.
CVSS 6.1
TP-Link TL-WR902AC Firmware < 3.0.9.1 - Authenticated Remote Code Execution via Crafted Firmware Update
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.
CVSS 8.8
YUI 2000-2800 - Reflected Cross-Site Scripting in Sandbox Examples
Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 6.1
YUI 2000-2800 - Reflected Cross-Site Scripting in Sandbox Examples
Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 6.1
MISP < 2.4.167 - SQL Injection via IndexFilterComponent Parameter Handling
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters.
CVSS 9.8
MISP < 2.4.166 - Improper Handling of Exceptional Conditions via Order Parameter
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.
CVSS 9.8
FDUPES <2.2.0 - Privilege Escalation
In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.
CVSS 6.0
Modbus Tools Modbus Slave <7.5.1 - Buffer Overflow
A vulnerability has been found in Modbus Tools Modbus Slave up to 7.5.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file mbslave.exe of the component mbs File Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-217021 was assigned to this vulnerability.
CVSS 6.3
By Source