Writeup Exploits

60,737 exploits tracked across all sources.

CVE-2019-9170 WRITEUP MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Incorrect Access Control
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.
CVSS 5.3
CVE-2020-11501 WRITEUP HIGH
GnuTLS <3.6.13 - Cryptographic Error
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.
CVSS 7.4
CVE-2020-13111 WRITEUP HIGH
NaviServer 4.99.4-4.99.19 - Denial of Service via Chunked Transfer Request
NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/driver.c ChunkedDecode function not properly validating the length of a chunk. A remote attacker can craft a chunked-transfer request that will result in a negative value being passed to memmove via the size parameter, causing the process to crash.
CVSS 7.5
CVE-2020-13266 WRITEUP MEDIUM
GitLab CE/EE <13.0.1 - Privilege Escalation
Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions.
CVSS 4.3
CVE-2020-13278 WRITEUP MEDIUM
RosarioSIS Student Information System < 6.5.1 - Reflected Cross-Site Scripting in Modules.php
Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script by embedding JavaScript or HTML tags in a GET request.
CVSS 6.1
CVE-2020-13280 WRITEUP MEDIUM
GitLab <13.0.12-13.2.3 - Memory Corruption
For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.
CVSS 6.5
CVE-2020-13281 WRITEUP MEDIUM
GitLab 8.9.0-13.0.11 - Denial of Service via Project Import Feature
For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature.
CVSS 6.5
CVE-2020-13282 WRITEUP LOW
GitLab <13.0.12-13.2.3 - Privilege Escalation
For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.
CVSS 3.1
CVE-2020-13283 WRITEUP HIGH
GitLab 10.8.0-13.0.11 - Cross-Site Scripting via Milestone Title
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title.
CVSS 7.3
CVE-2020-13285 WRITEUP HIGH
GitLab 12.9.0-13.0.11 - Cross-Site Scripting in Issue Reference Tooltip
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip.
CVSS 7.3
CVE-2020-13286 WRITEUP MEDIUM
GitLab 12.7.0-13.0.11 - Server-Side Request Forgery via Git Configuration Settings
For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.
CVSS 6.4
CVE-2020-13292 WRITEUP CRITICAL
GitLab <13.0.12-13.2.3 - Auth Bypass
In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.
CVSS 9.6
CVE-2020-13293 WRITEUP MEDIUM
GitLab <13.0.12-13.2.3 - Info Disclosure
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.
CVSS 6.3
CVE-2020-13294 WRITEUP MEDIUM
GitLab <13.0.12-13.2.3 - Info Disclosure
In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.
CVSS 4.2
CVE-2020-13295 WRITEUP MEDIUM
GitLab Runner <13.0.12-13.2.3 - SSRF
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
CVSS 5.4
CVE-2020-13297 WRITEUP LOW
GitLab <13.1.10-13.3.4 - Auth Bypass
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint.
CVSS 3.8
CVE-2020-13298 WRITEUP HIGH
GitLab <13.1.10-13.3.4 - Info Disclosure
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in limited file disclosure.
CVSS 7.2
CVE-2020-13301 WRITEUP MEDIUM
GitLab < 13.1.10 - Stored Cross-Site Scripting on Standalone Vulnerability Page
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a stored XSS on the standalone vulnerability page.
CVSS 5.5
CVE-2020-13302 WRITEUP LOW
GitLab <13.1.10-13.3.4 - Privilege Escalation
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a malicious user to access a user account with an old password.
CVSS 3.8
CVE-2020-13304 WRITEUP LOW
GitLab <13.1.10-13.3.4 - Privilege Escalation
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The same 2 factor authentication secret code was generated, which allowed an attacker to maintain access under certain conditions.
CVSS 3.8
CVE-2020-13305 WRITEUP LOW
GitLab <13.1.10-13.3.4 - Info Disclosure
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not invalidating the project invitation link upon removing a user from a project.
CVSS 3.5
CVE-2020-13306 WRITEUP LOW
GitLab < 13.1.10 - Denial of Service via Webhook Rate Limitation Bypass
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Webhook feature could be abused to perform denial of service attacks due to the lack of rate limitation.
CVSS 3.7
CVE-2020-13309 WRITEUP MEDIUM
GitLab <13.1.10-13.3.4 - Blind SSRF
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.
CVSS 5.4
CVE-2020-13310 WRITEUP MEDIUM
GitLab Runner < 13.1.3, 13.2.3, 13.3.1 - Denial of Service via Malformed Queries
A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service.
CVSS 6.5