Alan Lacerda - Security Researcher - Exploit Intelligence Platform

CVE-2025-27953 WRITEUP MEDIUM WRITEUP

Philips Clinical Collaboration Platform - Command Injection

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.

CVSS 6.5

View Code

CVE-2025-27954 WRITEUP MEDIUM WRITEUP

Philips Clinical Collaboration Platform - Command Injection

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.

CVSS 6.5

View Code

CVE-2025-27955 WRITEUP MEDIUM WRITEUP

Clinical Collaboration Platform 12.2.1.5 - RCE

Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code.

CVSS 6.5

View Code

CVE-2020-36991 EXPLOITDB HIGH text WRITEUP

ShareMouse 5.0.43 - Privilege Escalation

ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the insecure service path configuration by placing malicious executables in specific system directories to gain elevated access during service startup.

CVSS 7.8

View Code