1ZRR4H

2 exploits Active since Aug 2021

CVE-2021-26084 NOMISEC CRITICAL SCANNER

Atlassian Confluence Server and Data Center - OGNL Injection

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

30 stars

CVSS 9.8

View Code

CVE-2021-22005 NOMISEC CRITICAL SCANNER

Vmware Cloud Foundation < 5.0 - Path Traversal

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

8 stars

CVSS 9.8

View Code