9527

3 exploits Active since Mar 2019
CVE-2019-7238 NOMISEC CRITICAL WORKING POC
Sonatype Nexus Repository Manager <3.15.0 - Privilege Escalation
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
1 stars
CVSS 9.8
CVE-2021-26084 NOMISEC CRITICAL WORKING POC
Atlassian Confluence Server and Data Center - OGNL Injection
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
CVSS 9.8
CVE-2021-4242 WRITEUP MEDIUM WORKING POC
Sapido BR270n BRC76n GR297 RB1732 - OS Command Injection via ip/syscmd.htm
A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592.
CVSS 6.3