BreadSquad

2 exploits Active since May 2019

CVE-2025-1219 NOMISEC MEDIUM SCANNER

PHP <8.1.32, <8.2.28, <8.3.19, <8.4.5 - Info Disclosure

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.

2 stars

CVSS 5.3

View Code

CVE-2018-14714 NOMISEC CRITICAL WORKING POC

ASUS RT-AC3200 <3.0.0.4.382.50010 - Command Injection

System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.

CVSS 9.8

View Code