39 matches found
PT-2025-22316 · Part-Db · Part-Db
Name of the Vulnerable Software and Affected Versions: Part-DB versions up to 1.17.0 Description: A vulnerability was found in the Profile Picture Feature of Part-DB, affecting the handleUpload function of the AttachmentSubmitHandler.php file. The manipulation of the attachment argument leads to...
Part-DB 代码注入漏洞
Part-DB is an open source web-based database from Part-DB for managing electronic components. A code injection vulnerability exists in Part-DB 1.17.0 and earlier versions, which stems from the improper handling of the parameter attachment in the file...
CVE-2023-26042
Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to...
CVE-2023-26042
CVE-2023-26042 affects Part-DB, an open-source inventory management system for electronic components. The root issue is improper escaping of user input, enabling HTML/XSS injection into pages. The CSP blocks inline and external scripts, limiting exploitability to combinations with other vulnerabi...
CVE-2023-26042 HTML/XSS injection possibilities in Part-DB
Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to...
CVE-2023-26042 HTML/XSS injection possibilities in Part-DB
Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is not possible to...
Part-DB Project Unrestricted File Upload (CVE-2022-0848)
An unrestricted file upload vulnerability exists in Part-DB Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Exploit for OS Command Injection in Part-Db_Project Part-Db
CVE-2022-0848 Remo...
part-db 0.5.11 Remote Code Execution
Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Google Dork: NA Date: 03/04/2022 Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848...
part-db 0.5.11 - Remote Code Execution Exploit
Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848 --------------- !/bin/bash...
part-db 0.5.11 - Remote Code Execution (RCE)
Exploit Title: part-db 0.5.11 - Remote Code Execution RCE Google Dork: NA Date: 03/04/2022 Exploit Author: Sunny Mehra @DSKMehra Vendor Homepage: https://github.com/part-db/part-db Software Link: https://github.com/part-db/part-db Version: 0.5.11. Tested on: KALI OS CVE : CVE-2022-0848...
CVE-2022-0848
OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...
Command injection
OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...
CVE-2022-0848
Summary (CVE-2022-0848): part-db/part-db prior to 0.5.11 is vulnerable to an OS Command Injection via unrestricted file upload, enabling remote code execution on the affected web server. Multiple sources document an RCE exploit and practical PoCs (e.g., packetstorm/huntr/exploit-db) that leverage...
CVE-2022-0848 OS Command Injection in part-db/part-db
OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...
CVE-2022-0848 OS Command Injection in part-db/part-db
OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...
Part-DB 0.4 - Authentication Bypass
Part-DB 0.4 - Authentication Bypass Exploit Title: Part-DB 0.4 - Authentication Bypass Date: 2019-10-26 Author: Marvoloo Vendor Homepage: https://github.com/Part-DB/Part-DB/ Software Link: https://github.com/Part-DB/Part-DB/archive/master.zip Version: 0.4 Tested on: Linux CVE : N/A Discription:...
Part-DB 0.4 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications...
Part-DB 0.4 Authentication Bypass
Exploit Title: Part-DB 0.4 - Authentication Bypass Date: 2019-10-26 Author: Marvoloo Vendor Homepage: https://github.com/Part-DB/Part-DB/ Software Link: https://github.com/Part-DB/Part-DB/archive/master.zip Version: 0.4 Tested on: Linux CVE : N/A Discription: Easy authentication bypass...