Writeup Exploits
60,933 exploits tracked across all sources.
Niushop B2B2C < 5.3.3 - SQL Injection via Address.php deleteArea() Function
SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of the Address.php component.
CVSS 5.4
Niushop B2B2C < 5.3.3 - SQL Injection via Goodsbatchset.php setPrice() Function
SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice() function of the Goodsbatchset.php component.
CVSS 8.8
lakernote EasyAdmin < 2024-03-15 - Server-Side Request Forgery via Thumbnail URL Parameter
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 23165d8cb569048c531150f194fea39f8800b8d5. It is recommended to apply a patch to fix this issue. VDB-257718 is the identifier assigned to this vulnerability.
CVSS 6.3
SEMCMS 4.8 - Remote Code Execution
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
CVSS 7.1
Laravel 11.x - XML External Entity Injection
Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability.
CVSS 4.3
SeaCMS 12.9 - Authenticated Remote Code Execution via admin_weixin.php
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_weixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain system permissions.
CVSS 8.8
SeaCMS 12.9 - Remote Code Execution
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_smtp.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain system permissions.
CVSS 8.8
SeaCMS 12.9 - Remote Code Execution
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_config_mark.php directly splicing and writing the user input data into inc_photowatermark_config.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain system permissions.
CVSS 8.8
SeaCMS 12.9 - Authenticated Remote Code Execution via admin_template.php
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is due to the fact that although admin_template.php imposes certain restrictions on the edited file, attackers can still bypass the restrictions and write code in some way, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.
CVSS 8.8
SeaCMS 12.9 - Authenticated Remote Code Execution via phomebak.php Variable Injection
There is a remote code execution vulnerability in SeaCMS 12.9. The vulnerability is caused by phomebak.php writing some variable names passed in without filtering them before writing them into the php file. An authenticated attacker can exploit this vulnerability to execute arbitrary commands and obtain system permissions.
CVSS 8.8
SeaCMS 13.0 - Authenticated Remote Code Execution via admin_editplayer.php
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.
CVSS 6.7
SeaCMS 13.0 - Authenticated Remote Code Execution via admin_files.php
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.
CVSS 8.8
giflib 5.2.2 - Heap-based Buffer Overflow via gif2rgb
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
CVSS 6.5
SeaCMS 13.2 - Remote Code Execution via MySQL Slow Query Method
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote code execution by writing to the file through the MySQL slow query method.
CVSS 9.8
oath-toolkit <2.6.12 - Privilege Escalation
pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink.
CVSS 7.1
Realtek RTL8762E BLE SDK <1.4.0 - DoS
An issue in the Bluetooth Low Energy implementation of Realtek RTL8762E BLE SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ll_terminate_ind packet.
CVSS 4.3
JEEWMS 20250820 - SQL Injection in exportXls Function
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main/java/org/jeecgframework/web/cgreport/controller/excel/CgExportExcelController.java file.
CVSS 9.4
JeeWMS 20250820 - Authenticated Arbitrary File Upload and Remote Code Execution via saveFiles Function
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadController.do. An attacker with normal privileges was able to upload a malicious file that would lead to remote code execution.
CVSS 6.5
JeeWMS < 2025-05-04 - Improper Access Control in File Handler
A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
CVSS 6.3
JeeWMS < 2025-05-04 - Improper Access Control in File Handler
A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler. The manipulation leads to improper access controls. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS 6.3
JeeWMS < 2025-05-04 - SQL Injection via /generateController.do?dogenerate
A vulnerability classified as critical was found in JeeWMS up to 20250504. Affected by this vulnerability is the function dogenerate of the file /generateController.do?dogenerate. The manipulation leads to sql injection. The attack can be launched remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
CVSS 6.3
JeeWMS < 2025-05-04 - Improper Access Control in File Handler
A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /generateController.do?dogenerate of the component File Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
CVSS 6.3
JeeWMS < 2025-05-04 - SQL Injection via transEditor Function
A vulnerability was found in JeeWMS up to 20250504. It has been rated as critical. This issue affects the function transEditor of the file /cgformTransController.do?transEditor. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
CVSS 6.3
JeeWMS < 2025-05-04 - Path Traversal via cgformTemplateController.do?doAdd
A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS 6.3
JeeWMS < 2025-05-04 - SQL Injection via CgAutoListController
A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to sql injection. It is possible to initiate the attack remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
CVSS 6.3
By Source