Arcangelo Saracino

3 exploits Active since Jan 2021
CVE-2026-21627 GITHUB CRITICAL python WORKING POC
Tassos Framework Plugin - Auth Bypass
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
10 stars
CVE-2026-21627 NOMISEC CRITICAL WORKING POC
Tassos Framework Plugin - Auth Bypass
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
CVE-2020-35749 EXPLOITDB HIGH ruby WORKING POC
Simple Board Job < 2.9.3 - Authenticated Path Traversal via sjb_file Parameter
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.
CVSS 7.7