Bruno Javarez (Ev3rR3d) - Security Researcher - Exploit Intelligence Platform

CVE-2024-26477 WRITEUP HIGH WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.

CVSS 7.5

View Code

CVE-2024-26478 WRITEUP MEDIUM WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the /api/users endpoint.

CVSS 5.3

View Code

CVE-2024-26479 WRITEUP MEDIUM WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the Command execution function.

CVSS 5.3

View Code

CVE-2024-26480 WRITEUP HIGH WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter.

CVSS 7.5

View Code

CVE-2024-26477 WRITEUP HIGH WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.

CVSS 7.5

View Code

CVE-2024-26478 WRITEUP MEDIUM WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the /api/users endpoint.

CVSS 5.3

View Code

CVE-2024-26479 WRITEUP MEDIUM WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the Command execution function.

CVSS 5.3

View Code

CVE-2024-26480 WRITEUP HIGH WRITEUP

Statping-ng <0.91.0 - Info Disclosure

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter.

CVSS 7.5

View Code