Andrew Trube

CVE-2012-2593 NOMISEC MEDIUM WORKING POC

Atmail Webmail Server 6.4 - Cross-Site Scripting via Email Date Field

Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.

CVSS 6.1

View Code

CVE-2014-7205 NOMISEC WORKING POC

hapi Server Framework - Code Injection

Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.

View Code

CVE-2021-1675 PATCHAPALOOZA HIGH WORKING POC

Windows Print Spooler - Remote Code Execution

Windows Print Spooler Remote Code Execution Vulnerability

CVSS 7.8

View Code