Bruno de Barros Bulle

5 exploits Active since Dec 2019
CVE-2019-19740 WRITEUP CRITICAL WRITEUP
Octeth Oempro 4.7-4.8 - SQL Injection via CampaignID Parameter
Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.
CVSS 9.8
CVE-2020-12764 WRITEUP MEDIUM WRITEUP
Gnuteca 3.8 - Path Traversal via file.php folder Parameter
Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal.
CVSS 5.3
CVE-2020-12765 WRITEUP MEDIUM WRITEUP
Solis Miolo 2.0 - Path Traversal via index.php module Parameter
Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal.
CVSS 5.3
CVE-2020-12766 WRITEUP CRITICAL WRITEUP
Gnuteca 3.8 - SQL Injection via exemplaryStatusId Parameter
Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter.
CVSS 9.8
CVE-2019-19740 EXPLOITDB CRITICAL text WORKING POC
Octeth Oempro 4.7-4.8 - SQL Injection via CampaignID Parameter
Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.
CVSS 9.8