Writeup Exploits
64,419 exploits tracked across all sources.
TOTOLINK A6000R V1.0.1-B20201211.2000 - OS Command Injection via ifname Parameter
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVSS 9.8
TOTOLINK A6000R V1.0.1-B20201211.2000 - OS Command Injection via ifname Parameter in apcli_do_enr_pbc_wps
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
CVSS 8.0
TOTOLINK A6000R V1.0.1-B20201211.2000 - OS Command Injection via ifname Parameter
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
CVSS 9.8
TOTOLINK A6000R V1.0.1-B20201211.2000 - OS Command Injection via Webcmd Function
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.
CVSS 9.8
TOTOLINK A6000R V1.0.1-B20201211.2000 - OS Command Injection via Webcmd Function
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.
CVSS 9.8
TOTOLINK A6000R V1.0.1-B20201211.2000 - OS Command Injection via ifname Parameter
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.
CVSS 8.8
openflights - Cross-Site Scripting via php/alsearch.php
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/alsearch.php
CVSS 6.1
phpipam 1.6 - Cross-Site Scripting via PowerDNS Record Edit Page
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/admin/powerDNS/record-edit.php.
CVSS 7.1
phpipam 1.6 - Cross-Site Scripting via Import Load Data
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
CVSS 6.1
phpipam 1.6 - Cross-Site Scripting via Import Load Data
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load-data.php.
CVSS 6.1
hicolor 0.5.0 - Heap-based Buffer Overflow in cp_unfilter() via Crafted PNG File
A heap buffer overflow in the function cp_unfilter() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS 5.5
hicolor 0.5.0 - Heap-based Buffer Overflow in cp_stored Function
A heap buffer overflow in the function cp_stored() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS 6.2
hicolor 0.5.0 - Heap Buffer Overflow in cp_block Function via Crafted PNG File
A heap buffer overflow in the function cp_block() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS 5.5
hicolor 0.5.0 - Heap-based Buffer Overflow in png_quantize()
A heap buffer overflow in the function png_quantize() of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS 6.2
hicolor 0.5.0 - Stack Overflow in cp_dynamic Function via Crafted PNG File
A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVSS 5.5
Process Maker pm4core-docker <4.1.21-RC7 - XSS
A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.
CVSS 4.8
Process Maker pm4core-docker <4.1.21-RC7 - XSS
A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.
CVSS 4.8
JustEnoughItems < 11.6.0.1021 - Item Duplication via Unvalidated Slot Index
JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication.
CVSS 4.3
D-Link DIR-300 REVA - Info Disclosure
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
CVSS 9.8
PrestaShop < 8.1.7 - Server-Side Request Forgery via Module Upgrade Functionality
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by design, is allowed to change the code that is running on the server).
CVSS 8.1
Argo CD 2.6.0-2.9.21 - Privilege Escalation via Web Terminal Permission Revocation Bypass
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD has a Web-based terminal that allows users to get a shell inside a running pod, just as they would with kubectl exec. Starting in version 2.6.0, when the administrator enables this function and grants permission to the user `p, role:myrole, exec, create, */*, allow`, even if the user revokes this permission, the user can still perform operations in the container, as long as the user keeps the terminal view open for a long time. Although the token expiration and revocation of the user are fixed, however, the fix does not address the situation of revocation of only user `p, role:myrole, exec, create, */*, allow` permissions, which may still lead to the leakage of sensitive information. A patch for this vulnerability has been released in Argo CD versions 2.11.7, 2.10.16, and 2.9.21.
CVSS 4.7
OpenObserve 0.4.4-0.10.0 - Stored Cross-Site Scripting in MemberSubscription.vue
OpenObserve is an open-source observability platform. Starting in version 0.4.4 and prior to version 0.10.0, OpenObserve contains a cross-site scripting vulnerability in line 32 of `openobserve/web/src/views/MemberSubscription.vue`. Version 0.10.0 sanitizes incoming html.
CVSS 7.2
ImageMagick 7.0.11-13-7.1.1-36 - Uncontrolled Search Path Element via MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The `AppImage` version `ImageMagick` might use an empty path when setting `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries in the current working directory while executing `ImageMagick`. The vulnerability is fixed in 7.11-36.
CVSS 7.0
fast-xml-parser >=4.3.5 <4.4.1 - Uncontrolled Resource Consumption via ReDOS in Currency Parser
fast-xml-parser is an open source, pure javascript xml parser. a ReDOS exists on currency.js. This vulnerability is fixed in 4.4.1.
CVSS 7.5
XWiki 11.8-15.10.7 - Stored Cross-Site Scripting via Edit Conflict
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By creating a conflict when another user with more rights is currently editing a page, it is possible to execute JavaScript snippets on the side of the other user, which compromises the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 15.10.8 and 16.3.0RC1.
CVSS 9.0
By Source