Ally Petitt

8 exploits Active since Sep 2023
CVE-2024-48990 NOMISEC HIGH WORKING POC
Ubuntu needrestart Privilege Escalation
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
5 stars
CVSS 7.8
CVE-2024-27632 NOMISEC HIGH WRITEUP
GNU Savane <3.12 - Privilege Escalation
An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function.
1 stars
CVSS 8.8
CVE-2023-40362 NOMISEC MEDIUM WORKING POC
Centralsquare Click2gov Building Permit - Missing Authorization
An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known.
1 stars
CVSS 4.3
CVE-2024-29399 NOMISEC HIGH WORKING POC
GNU Savane <3.13 - RCE
An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.
CVSS 7.6
CVE-2024-27630 NOMISEC HIGH WRITEUP
GNU Savane <3.12 - Info Disclosure
Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted input to the trackers_data_delete_file function.
CVSS 7.5
CVE-2024-27631 NOMISEC MEDIUM WORKING POC
GNU Savane <3.12 - CSRF
Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php
CVSS 6.0
CVE-2023-45503 NOMISEC MEDIUM WRITEUP
Macs Cms - SQL Injection
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints.
CVSS 5.3
CVE-2023-43154 NOMISEC CRITICAL WRITEUP
Macros CMS 1.1.4f - Auth Bypass
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.
CVSS 9.8