B3KC4T

4 exploits Active since Nov 2020
CVE-2020-35729 METASPLOIT CRITICAL ruby WORKING POC
klog_server 2.4.1 - OS Command Injection via User Parameter
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
CVSS 9.8
CVE-2020-29395 EXPLOITDB MEDIUM python WORKING POC
EventON < 3.0.5 - Cross-Site Scripting via Search Field
The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field.
CVSS 6.1
CVE-2020-35729 EXPLOITDB CRITICAL python WORKING POC
klog_server 2.4.1 - OS Command Injection via User Parameter
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
CVSS 9.8
CVE-2020-35729 EXPLOITDB CRITICAL ruby WORKING POC
klog_server 2.4.1 - OS Command Injection via User Parameter
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
CVSS 9.8