Lucene search
K

39 matches found

Positive Technologies
Positive Technologies
added 2025/05/20 12:0 a.m.6 views

PT-2025-22316 · Part-Db · Part-Db

Name of the Vulnerable Software and Affected Versions: Part-DB versions up to 1.17.0 Description: A vulnerability was found in the Profile Picture Feature of Part-DB, affecting the handleUpload function of the AttachmentSubmitHandler.php file. The manipulation of the attachment argument leads to...

5.1CVSS3.5AI score0.00269EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/05/20 12:0 a.m.5 views

Part-DB 代码注入漏洞

Part-DB is an open source web-based database from Part-DB for managing electronic components. A code injection vulnerability exists in Part-DB 1.17.0 and earlier versions, which stems from the improper handling of the parameter attachment in the file...

5.1CVSS4.7AI score0.00269EPSS
Exploits0References6
NVD
NVD
added 2023/02/27 3:15 p.m.17 views

CVE-2023-26042

Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to...

6.1CVSS6.4AI score0.0051EPSS
Exploits0References4
CVE
CVE
added 2023/02/27 2:41 p.m.50 views

CVE-2023-26042

CVE-2023-26042 affects Part-DB, an open-source inventory management system for electronic components. The root issue is improper escaping of user input, enabling HTML/XSS injection into pages. The CSP blocks inline and external scripts, limiting exploitability to combinations with other vulnerabi...

6.1CVSS6.4AI score0.0051EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/27 2:41 p.m.4 views

CVE-2023-26042 HTML/XSS injection possibilities in Part-DB

Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to...

6.1CVSS6.6AI score0.0051EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/27 2:41 p.m.26 views

CVE-2023-26042 HTML/XSS injection possibilities in Part-DB

Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to...

6.1CVSS6.6AI score0.0051EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2022/11/10 12:0 a.m.9 views

Part-DB Project Unrestricted File Upload (CVE-2022-0848)

An unrestricted file upload vulnerability exists in Part-DB Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5AI score0.35436EPSS
Exploits5
GithubExploit
GithubExploit
added 2022/03/11 7:26 a.m.278 views

Exploit for OS Command Injection in Part-Db_Project Part-Db

CVE-2022-0848 Remo...

10CVSS9.8AI score0.35436EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/03/07 12:0 a.m.258 views

part-db 0.5.11 Remote Code Execution

Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Google Dork: NA Date: 03/04/2022 Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848...

9.6AI score0.35436EPSS
Exploits5
0day.today
0day.today
added 2022/03/07 12:0 a.m.542 views

part-db 0.5.11 - Remote Code Execution Exploit

Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848 --------------- !/bin/bash...

10CVSS9.6AI score0.35436EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/03/07 12:0 a.m.433 views

part-db 0.5.11 - Remote Code Execution (RCE)

Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Google Dork: NA Date: 03/04/2022 Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848...

10CVSS9.2AI score0.35436EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2022/03/04 9:15 a.m.6 views

CVE-2022-0848

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...

10CVSS7.8AI score0.35436EPSS
Exploits5References4
Prion
Prion
added 2022/03/04 9:15 a.m.13 views

Command injection

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...

10CVSS9.7AI score0.35436EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2022/03/04 8:25 a.m.112 views

CVE-2022-0848

Summary (CVE-2022-0848): part-db/part-db prior to 0.5.11 is vulnerable to an OS Command Injection via unrestricted file upload, enabling remote code execution on the affected web server. Multiple sources document an RCE exploit and practical PoCs (e.g., packetstorm/huntr/exploit-db) that leverage...

10CVSS9.7AI score0.35436EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2022/03/04 8:25 a.m.45 views

CVE-2022-0848 OS Command Injection in part-db/part-db

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...

10CVSS10AI score0.35436EPSS
Exploits5References3
OSV
OSV
added 2022/03/04 8:25 a.m.24 views

CVE-2022-0848 OS Command Injection in part-db/part-db

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...

10CVSS9.4AI score0.35436EPSS
Exploits5References5
exploitpack
exploitpack
added 2019/10/28 12:0 a.m.15 views

Part-DB 0.4 - Authentication Bypass

Part-DB 0.4 - Authentication Bypass Exploit Title: Part-DB 0.4 - Authentication Bypass Date: 2019-10-26 Author: Marvoloo Vendor Homepage: https://github.com/Part-DB/Part-DB/ Software Link: https://github.com/Part-DB/Part-DB/archive/master.zip Version: 0.4 Tested on: Linux CVE : N/A Discription:...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/10/28 12:0 a.m.79 views

Part-DB 0.4 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications...

1.8AI score
Exploits0
Packet Storm
Packet Storm
added 2019/10/26 12:0 a.m.129 views

Part-DB 0.4 Authentication Bypass

Exploit Title: Part-DB 0.4 - Authentication Bypass Date: 2019-10-26 Author: Marvoloo Vendor Homepage: https://github.com/Part-DB/Part-DB/ Software Link: https://github.com/Part-DB/Part-DB/archive/master.zip Version: 0.4 Tested on: Linux CVE : N/A Discription: Easy authentication bypass...

0.3AI score
Exploits0
Rows per page
Query Builder