Aljosha Judmayer

38 exploits Active since Aug 2017
CVE-2024-13919 WRITEUP HIGH WRITEUP
Laravel Framework < 11.36.0 - XSS
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page.
CVSS 8.0
CVE-2024-41800 WRITEUP MEDIUM WRITEUP
Craftcms Craft Cms < 5.2.3 - Authentication Bypass
Craft is a content management system (CMS). Craft CMS 5 allows reuse of TOTP tokens multiple times within the validity period. An attacker is able to re-submit a valid TOTP token to establish an authenticated session. This requires that the attacker has knowledge of the victim's credentials. This has been patched in Craft 5.2.3.
CVSS 4.8
CVE-2024-5657 WRITEUP LOW WRITEUP
CraftCMS <3.3.3 - Info Disclosure
The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP.
CVSS 3.7
CVE-2024-5658 WRITEUP MEDIUM WRITEUP
CraftCMS - Info Disclosure
The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.
CVSS 4.8
CVE-2024-5676 WRITEUP MEDIUM WRITEUP
Paradox IP150 Internet Module <1.40.00 - CSRF
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery (CSRF) attacks due to a lack of countermeasures and the use of the HTTP method `GET` to introduce changes in the system.
CVSS 6.8
CVE-2025-32919 WRITEUP HIGH WRITEUP
Checkmk < 2.2.0 - Uncontrolled Search Path
Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL).
CVSS 7.8
CVE-2025-39663 WRITEUP HIGH WRITEUP
Checkmk < 2.3.0 - Basic XSS
Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 (eol).
CVSS 8.4
CVE-2025-39664 WRITEUP MEDIUM WRITEUP
Checkmk < 2.2.0 - Path Traversal
Insufficient escaping in the report scheduler within Checkmk <2.4.0p13, <2.3.0p38, <2.2.0p46 and 2.1.0 (EOL) allows authenticated attackers to define the storage location of report file pairs beyond their intended root directory.
CVSS 6.5
CVE-2025-41255 WRITEUP HIGH WRITEUP
Cyberduck <9.1.6 - Mountain Duck <4.17.5 - Info Disclosure
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17.5.
CVSS 8.0
CVE-2025-41256 WRITEUP HIGH WRITEUP
Cyberduck <9.1.6 - Mountain Duck <4.17.5 - TLS Pinning Weakness
Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5.
CVSS 7.4
CVE-2025-52901 WRITEUP MEDIUM WRITEUP
File Browser <2.33.9 - Info Disclosure
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to anyone having access to the URLs accessed by the user. This will give an attacker full access to a user's account and, in consequence, to all sensitive files the user has access to. This issue has been patched in version 2.33.9.
CVSS 4.5
CVE-2025-52996 WRITEUP LOW WRITEUP
File Browser <2.32.0 - Info Disclosure
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions 2.32.0 and prior, the implementation of password protected links is error-prone, resulting in potential unprotected sharing of a file through a direct download link. This link can either be shared unknowingly by a user or discovered from various locations such as the browser history or the log of a proxy server used. At time of publication, no known patched versions are available.
CVSS 3.1
CVE-2025-52997 WRITEUP MEDIUM WRITEUP
File Browser <2.34.1 - Info Disclosure
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication process insecure. Attackers could mount a brute-force attack to retrieve the passwords of all accounts in a given instance. This issue has been patched in version 2.34.1.
CVSS 5.9