0xd0ff9 - Security Researcher - Exploit Intelligence Platform

CVE-2021-36394 NOMISEC CRITICAL WORKING POC

Moodle - Remote Code Execution in Shibboleth Authentication Plugin

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

12 stars

CVSS 9.8

View Code

CVE-2018-16763 NOMISEC CRITICAL WORKING POC

FUEL CMS < 1.4.2 - Unauthenticated Remote Code Execution via Pages Filter or Preview Data Parameter

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.

4 stars

CVSS 9.8

View Code

CVE-2018-16763 NOMISEC CRITICAL WORKING POC

FUEL CMS < 1.4.2 - Unauthenticated Remote Code Execution via Pages Filter or Preview Data Parameter

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.

2 stars

CVSS 9.8

View Code

CVE-2018-16763 NOMISEC CRITICAL WORKING POC

FUEL CMS < 1.4.2 - Unauthenticated Remote Code Execution via Pages Filter or Preview Data Parameter

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.

CVSS 9.8

View Code

CVE-2020-37052 EXPLOITDB CRITICAL python WORKING POC

Ubiquiti AirControl 1.4.2 - Unauthenticated Remote Code Execution via Java Expression Injection in /.seam Endpoint

AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially constructed URL with embedded Java expressions to run commands with the application's system privileges.

CVSS 9.8

View Code

CVE-2018-16763 EXPLOITDB CRITICAL python WORKING POC

FUEL CMS < 1.4.2 - Unauthenticated Remote Code Execution via Pages Filter or Preview Data Parameter

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.

CVSS 9.8

View Code