Angelo Pio Amirante

8 exploits Active since Jun 2022
CVE-2023-24317 NOMISEC HIGH WORKING POC
Judging Management System 1.0 - File Upload
Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php.
1 stars
CVSS 8.1
CVE-2022-33075 NOMISEC MEDIUM WORKING POC
Zoo Management System 1.0 - Stored Cross-Site Scripting in Add Classification Function
A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors.
CVSS 5.4
CVE-2022-35899 NOMISEC HIGH WRITEUP
ASUSTeK Aura Ready Game SDK <1.0.0.4 - Privilege Escalation
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.
CVSS 7.8
CVE-2022-31897 NOMISEC MEDIUM WORKING POC
Zoo Management System 1.0 - Cross-Site Scripting via Register Visitor Message Parameter
SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=.
CVSS 6.1
CVE-2022-35899 WRITEUP HIGH WRITEUP
ASUSTeK Aura Ready Game SDK <1.0.0.4 - Privilege Escalation
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.
CVSS 7.8
CVE-2022-35899 EXPLOITDB HIGH text WRITEUP
ASUSTeK Aura Ready Game SDK <1.0.0.4 - Privilege Escalation
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.
CVSS 7.8
EIP-2026-108935 EXPLOITDB python WORKING POC
Judging Management System v1.0 - Remote Code Execution (RCE)
EIP-2026-108934 EXPLOITDB text WORKING POC
Judging Management System v1.0 - Authentication Bypass