Exploit Database
144,806 exploits tracked across all sources.
cute_png v1.05 - Heap Buffer Overflow in cp_load_png_mem()
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Heap Buffer Overflow in cp_unfilter()
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_unfilter() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Heap Buffer Overflow in cp_make32()
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Stack Overflow in cp_dynamic()
cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Heap-based Buffer Overflow via cp_find()
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_find() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Heap Buffer Overflow in cp_block()
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_block() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Heap Buffer Overflow in cp_stored()
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_stored() function at cute_png.h.
CVSS 7.8
cute_png v1.05 - Heap Buffer Overflow in cp_chunk Function
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h.
CVSS 7.8
Teedy 1.11 - Cross-Site Scripting via Management Console
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.
CVSS 8.4
Best House Rental Management System 1.0 - Arbitrary File Upload via save_settings() Function
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_settings() function of the file rental/admin_class.php.
CVSS 9.8
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 - Buffer Overflow in setWiFiAclRules via desc Parameter
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.
CVSS 9.8
VigyBag Open Source Online Shop <commit 3f0e21b - SSRF
A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers to redirect victim users to a malicious site via a crafted URL.
CVSS 6.1
Venki Supravizio BPM <= 18.0.1 - Authenticated Arbitrary File Upload and Remote Code Execution
Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload a malicious file, leading to remote code execution.
CVSS 9.9
Venki Supravizio BPM < 18.0.1 - Authenticated NTLM Hash Leak
An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the underlying host system.
CVSS 8.4
Venki Supravizio BPM < 18.1.1 - Open Redirect and Reflected Cross-Site Scripting
The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS.
CVSS 7.2
OpenHIS 1.0 - SQL Injection via PayController Refund Function
SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component.
CVSS 9.8
OpenHIS 1.0 - SQL Injection via PayController Refund Function
SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component.
CVSS 9.8
pfSense 2.5.2 - Stored Cross-Site Scripting via $pconfig Variable in interfaces_groups_edit.php
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
CVSS 4.8
emlog < 2.3.15 - Remote Code Execution via /admin/store.php File Download
A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before v2.3.15 allows attackers to use remote file downloads and self-extract fucntions to upload webshells to the target server, thereby obtaining system privileges.
CVSS 6.3
IceCMS < 3.4.7 - JWT Authentication Bypass via Hardcoded Key
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information.
CVSS 9.8
IceCMS < 3.4.7 - Unauthenticated Arbitrary User Information Modification via UserController ChangeUser Endpoint
An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java
CVSS 7.5
IceCMS < 3.4.7 - Unauthenticated Information Disclosure via CheckVip Function
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords
CVSS 7.5
IceCMS < 3.4.7 - Unauthenticated Authentication Bypass via LoginAdmin Method
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and password via the loginAdmin method in the UserController.java file.
CVSS 7.6
OS4ED openSIS-Classic 9.1 - SQL Injection via Crafted Payload
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload.
CVSS 8.8
HelpDeskZ 2.0.2 - Stored Cross-Site Scripting via Custom Fields Name Parameter
A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields message box.
CVSS 7.6
By Source