Writeup Exploits

60,254 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-31530 WRITEUP CRITICAL
csm-aut/csm <3.5 - Path Traversal
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31529 WRITEUP CRITICAL
cinemaproject/monorepo <2021-03-03 - Path Traversal
The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31528 WRITEUP CRITICAL
Bonn-Activity-Maps bam-annotation-tool - Path Traversal
The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31527 WRITEUP CRITICAL
Wildog/flask-file-server <2020-02-20 - Path Traversal
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31526 WRITEUP CRITICAL
ThundeRatz/ThunderDocs <2020-05-01 - Path Traversal
The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31525 WRITEUP CRITICAL
SummaLabs/DLS <0.1.0 - Path Traversal
The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31524 WRITEUP CRITICAL
PureStorage-OpenConnect/swagger <1.1.5 - Path Traversal
The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31523 WRITEUP CRITICAL
PaddlePaddle/Anakin <0.1.1 - Path Traversal
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31522 WRITEUP CRITICAL
NotVinay/karaokey <2019-12-11 - Path Traversal
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31521 WRITEUP CRITICAL
Niyaz-Mohamed/mosaic <1.0.0 - Path Traversal
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31520 WRITEUP CRITICAL
Luxas98/logstash-management-api <2020-05-04 - Path Traversal
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31519 WRITEUP CRITICAL
Lukasavicus/WindMill <1.0 - Path Traversal
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31518 WRITEUP CRITICAL
JustAnotherSoftwareDeveloper/Python-Recipe-Database <2021-03-31 - P...
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31517 WRITEUP CRITICAL
HolgerGraef/MSM <2021-04-20 - Path Traversal
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31516 WRITEUP CRITICAL
Harveyzyh/Python <2022-05-04 - Path Traversal
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31515 WRITEUP CRITICAL
Delor4/CarceresBE <1.0 - Path Traversal
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31514 WRITEUP CRITICAL
Caoyongqi912/Fan_Platform <2021-04-20 - Path Traversal
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31513 WRITEUP CRITICAL
BolunHan/Krypton <2021-06-03 - Path Traversal
The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31512 WRITEUP CRITICAL
Atom02/flask-mvc <2020-09-14 - Path Traversal
The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31511 WRITEUP CRITICAL
AFDudley/equanimity <2014-04-23 - Path Traversal
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31510 WRITEUP CRITICAL
SergeKashkin/Simple-RAT <2022-05-03 - Path Traversal
The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31509 WRITEUP CRITICAL
GitHub iedadata/usap-dc-website <1.0.1 - Path Traversal
The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31508 WRITEUP CRITICAL
idayrus/evoting <2022-05-08 - Path Traversal
The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31507 WRITEUP CRITICAL
ganga-devs/ganga <8.5.10 - Path Traversal
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
CVE-2022-31506 WRITEUP CRITICAL
cmusatyalab/opendiamond <10.1.1 - Path Traversal
The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
By Source
All 60,254 Writeup 60,254 Exploitdb 50,004 Nomisec 21,798 Metasploit 3,224 Github 2,598 Vulncheck_xdb 906 Inthewild 514 Gitlab 442 Gitee 415 Patchapalooza 312
By Language
text 31,339 python 5,976 ruby 5,913 c 3,568 perl 2,849 html 2,053 php 1,326 bash 460 java 362 c++ 250 javascript 215 shell 91 go 55 postscript 25 xml 24