Writeup Exploits

63,773 exploits tracked across all sources.

Sort: Activity Stars
CVE-2023-0830 WRITEUP MEDIUM
EasyNAS 1.1.0 - OS Command Injection via /backup.pl
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
CVSS 6.3
CVE-2023-0860 WRITEUP HIGH
modoboa installer < 2.0.4 - Improper Restriction of Excessive Authentication Attempts
Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4.
CVSS 7.5
CVE-2023-0902 WRITEUP LOW
Simple Food Ordering System 1.0 - Cross-Site Scripting in process_order.php
A vulnerability was found in SourceCodester Simple Food Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file process_order.php. The manipulation of the argument order leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221451.
CVSS 3.5
CVE-2023-0904 WRITEUP MEDIUM
SourceCodester Employee Task Management System 1.0 - SQL Injection via task_id Parameter
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221453 was assigned to this vulnerability.
CVSS 6.3
CVE-2023-0905 WRITEUP HIGH
SourceCodester Employee Task Management System 1.0 - Improper Authentication via changePasswordForEmployee.php
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221454 is the identifier assigned to this vulnerability.
CVSS 7.3
CVE-2023-0912 WRITEUP MEDIUM
Auto Dealer Management System 1.0 - SQL Injection via id Parameter in view_transaction Page
A vulnerability classified as critical has been found in SourceCodester Auto Dealer Management System 1.0. This affects an unknown part of the file /adms/admin/?page=vehicles/view_transaction. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221481 was assigned to this vulnerability.
CVSS 4.7
CVE-2023-0913 WRITEUP MEDIUM
Auto Dealer Management System 1.0 - SQL Injection via Sell Vehicle ID Parameter
A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. This vulnerability affects unknown code of the file /adms/admin/?page=vehicles/sell_vehicle. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221482 is the identifier assigned to this vulnerability.
CVSS 4.7
CVE-2023-0915 WRITEUP MEDIUM
Auto Dealer Management System 1.0 - SQL Injection via Manage User ID Parameter
A vulnerability classified as critical has been found in SourceCodester Auto Dealer Management System 1.0. Affected is an unknown function of the file /adms/admin/?page=user/manage_user. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221490 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2023-0916 WRITEUP MEDIUM
Auto Dealer Management System 1.0 - Improper Access Control in Users.php
A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /adms/classes/Users.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221491.
CVSS 6.3
CVE-2023-0938 WRITEUP MEDIUM
SourceCodester Music Gallery Site 1.0 - SQL Injection via cid Parameter in music_list.php
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221553 was assigned to this vulnerability.
CVSS 6.3
CVE-2023-0957 WRITEUP HIGH
Gitpod < 2022.11.2 - Cross-Site WebSocket Hijacking via Origin Header Misvalidation
An issue was discovered in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to the Gitpod JSONRPC server using a victim’s credentials, because the Origin header is not restricted. This can lead to the extraction of data from workspaces, to a full takeover of the workspace.
CVSS 8.2
CVE-2023-0961 WRITEUP MEDIUM
Music Gallery Site 1.0 - SQL Injection via view_music_details.php id Parameter
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file view_music_details.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221631.
CVSS 6.3
CVE-2023-0962 WRITEUP MEDIUM
Music Gallery Site 1.0 - SQL Injection via Master.php GET Request Handler
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221632.
CVSS 6.3
CVE-2023-0963 WRITEUP HIGH
SourceCodester Music Gallery Site 1.0 - Improper Access Control in Users.php POST Request Handler
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221633 was assigned to this vulnerability.
CVSS 7.3
CVE-2023-1065 WRITEUP MEDIUM
Snyk Kubernetes Monitor < 2.0.0 - Unauthenticated Data Injection via Integration ID
This vulnerability in the Snyk Kubernetes Monitor can result in irrelevant data being posted to a Snyk Organization, which could in turn obfuscate other, relevant, security issues. It does not expose the user of the integration to any direct security risk and no user data can be leaked. To exploit the vulnerability the attacker does not need to be authenticated to Snyk but does need to know the target's Integration ID (which may or may not be the same as the Organization ID, although this is an unpredictable UUID in either case).
CVSS 6.5
CVE-2023-1189 WRITEUP LOW
WiseCleaner Wise Folder Hider 4.4.3.202 - Denial of Service in IoControlCode Handler
A vulnerability was found in WiseCleaner Wise Folder Hider 4.4.3.202. It has been declared as problematic. Affected by this vulnerability is the function 0x222400/0x222404/0x222410 in the library WiseFs64.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-222361 was assigned to this vulnerability.
CVSS 3.3
CVE-2023-1211 WRITEUP HIGH
phpipam < 1.5.2 - SQL Injection
SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2.
CVSS 7.2
CVE-2023-1211 WRITEUP HIGH
phpipam < 1.5.2 - SQL Injection
SQL Injection in GitHub repository phpipam/phpipam prior to v1.5.2.
CVSS 7.2
CVE-2023-1326 WRITEUP HIGH
apport < 2.26.0 - Privilege Escalation via Terminal Size Manipulation
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.
CVSS 7.7
CVE-2023-1390 WRITEUP HIGH
Linux Kernel 4.3-4.9.252 - Denial of Service via TIPC Module SKB Parsing
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
CVSS 7.5
CVE-2023-1415 WRITEUP MEDIUM
Simple Art Gallery 1.0 - Unrestricted Upload
A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2023-1450 WRITEUP LOW
MP4v2 2.1.2 - Denial of Service
A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223295.
CVSS 3.3
CVE-2023-1451 WRITEUP LOW
MP4v2 2.1.2 - Denial of Service
A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223296.
CVSS 3.3
CVE-2023-1454 WRITEUP MEDIUM
jeecg-boot 3.5.0 - SQL Injection via apiSelectId Parameter
A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223299.
CVSS 6.3
CVE-2023-1498 WRITEUP MEDIUM
Responsive Hotel Site 1.0 - SQL Injection
A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223398 is the identifier assigned to this vulnerability.
CVSS 6.3