Writeup Exploits

60,918 exploits tracked across all sources.

CVE-2023-1747 WRITEUP MEDIUM
IBOS < 4.5.4 - SQL Injection via emailids Parameter in Email API
A vulnerability has been found in IBOS up to 4.5.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=email/api/mark&op=delFromSend. The manipulation of the argument emailids leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.5 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-224635.
CVSS 6.3
CVE-2023-1797 WRITEUP MEDIUM
OTCMS 6.0.1 - Unrestricted Upload of File with Dangerous Type via sysCheckFile.php
A vulnerability classified as critical was found in OTCMS 6.0.1. Affected by this vulnerability is an unknown functionality of the file sysCheckFile.php?mudi=sql. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224749 was assigned to this vulnerability.
CVSS 6.3
CVE-2023-1798 WRITEUP LOW
EyouCMS < 1.5.4 - Cross-Site Scripting via login.php typename Parameter
A vulnerability, which was classified as problematic, has been found in EyouCMS up to 1.5.4. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument typename leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-224750 is the identifier assigned to this vulnerability.
CVSS 3.5
CVE-2023-1799 WRITEUP LOW
EyouCMS < 1.5.4 - Cross-Site Scripting via tag_tag Parameter in login.php
A vulnerability, which was classified as problematic, was found in EyouCMS up to 1.5.4. This affects an unknown part of the file login.php. The manipulation of the argument tag_tag leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224751.
CVSS 3.5
CVE-2023-1836 WRITEUP MEDIUM
GitLab <15.9.6-15.10.5-15.11.1 - XSS
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. When viewing an XML file in a repository in "raw" mode, it can be made to render as HTML if viewed under specific circumstances.
CVSS 4.4
CVE-2023-1947 WRITEUP MEDIUM
taoCMS 3.0.2 - Remote Code Injection in /admin/admin.php
A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225330 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2023-1965 WRITEUP MEDIUM
GitLab EE <15.9.6, <15.10.5, <15.11.1 - Open Redirect
An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access tokens granted for 3rd party Group SAML SSO logins. This feature isn't enabled by default.
CVSS 6.8
CVE-2023-1992 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.12 and 4.0.0-4.0.4 - Denial of Service via RPCoRDMA Dissector
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
CVSS 6.3
CVE-2023-1993 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.12 and 4.0.0-4.0.4 - Denial of Service via LISP Dissector Large Loop
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
CVSS 6.3
CVE-2023-1994 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.12 and 4.0.0-4.0.4 - Denial of Service via GQUIC Dissector Crash
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
CVSS 6.3
CVE-2023-2056 WRITEUP MEDIUM
dedecms < 5.7.87 - Remote Code Execution via GetSystemFile Function
A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects the function GetSystemFile of the file module_main.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225941 was assigned to this vulnerability.
CVSS 6.3
CVE-2023-2069 WRITEUP MEDIUM
GitLab 10.0-12.9.7, 12.10-12.10.6, 13.0 - Authenticated CI/CD Variable Exposure via Project Import
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables.
CVSS 6.4
CVE-2023-2181 WRITEUP MEDIUM
GitLab <15.9.8-15.10.7-15.11.3 - Info Disclosure
An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.
CVSS 6.3
CVE-2023-2424 WRITEUP MEDIUM
DedeCMS 5.7.106 - Unrestricted File Upload via UpDateMemberModCache Function
A vulnerability was found in DedeCMS 5.7.106 and classified as critical. Affected by this issue is the function UpDateMemberModCache of the file uploads/dede/config.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-227750 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2023-2475 WRITEUP LOW
Dromara J2eeFAST < 2.6.0 - Cross-Site Scripting via System Message Handler
A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classified as problematic. This issue affects some unknown processing of the component System Message Handler. The manipulation of the argument 主题 leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 7a9e1a00e3329fdc0ae05f7a8257cce77037134d. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-227867.
CVSS 3.5
CVE-2023-2476 WRITEUP LOW
Dromara J2eeFAST <= 2.6.0 - Cross-Site Scripting in Announcement Handler
A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It has been classified as problematic. Affected is an unknown function of the component Announcement Handler. The manipulation of the argument 系统工具/公告管理 leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 7a9e1a00e3329fdc0ae05f7a8257cce77037134d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-227868.
CVSS 3.5
CVE-2023-27025 WRITEUP HIGH
RuoYi < 4.7.6 - Arbitrary File Download via Background Management Module
An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.
CVSS 7.5
CVE-2023-27705 WRITEUP HIGH
APNG_Optimizer 1.4 - Buffer Overflow via Ubuntu PNG Processing
APNG_Optimizer v1.4 was discovered to contain a buffer overflow via the component /apngopt/ubuntu.png.
CVSS 7.5
CVE-2023-2700 WRITEUP MEDIUM
libvirt - Use-After-Free in SR-IOV PCI Device Capability Query
A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.
CVSS 5.5
CVE-2023-2773 WRITEUP MEDIUM
Bus Dispatch and Information System 1.0 - SQL Injection via adminid Parameter
A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file view_admin.php. The manipulation of the argument adminid leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229279.
CVSS 6.3
CVE-2023-2776 WRITEUP MEDIUM
Simple Photo Gallery 1.0 - Unrestricted Upload of File with Dangerous Type
A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-229282 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2023-2854 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.13 and 4.0.0-4.0.5 - Denial of Service via BLF File Parser
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
CVSS 5.3
CVE-2023-2855 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.13 and 4.0.0-4.0.5 - Denial of Service via Candump Log Parser
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
CVSS 5.3
CVE-2023-2856 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.13 and 4.0.0-4.0.5 - Denial of Service via VMS TCPIPtrace File Parser
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
CVSS 5.3
CVE-2023-2857 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.13 and 4.0.0-4.0.5 - Denial of Service via BLF File Parser
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
CVSS 5.3