Eldar Marcussen

4 exploits, active since Sep 2014
CVE-2014-2008 EXPLOITDB text WRITEUP
mpay24 < 1.6 - SQL Injection via TID Parameter
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
CVE-2019-10669 METASPLOIT HIGH ruby WORKING POC
LibreNMS < 1.47 - OS Command Injection via collectd.inc.php
An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user-supplied parameters are filtered with the mysqli_real_escape_string function. This function is not appropriate for sanitizing command arguments, as it does not escape a number of command-line syntax characters such as ` (backtick), allowing an attacker to inject commands into the variable $rrd_cmd, which gets executed via passthru().
CVSS 7.2
CVE-2014-2009 EXPLOITDB text WRITEUP
mpay24 < 1.5.1 - Unauthenticated Sensitive Information Exposure via Direct Request to API Log
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.
CVE-2019-10669 EXPLOITDB HIGH ruby WORKING POC
LibreNMS < 1.47 - OS Command Injection via collectd.inc.php
An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user-supplied parameters are filtered with the mysqli_real_escape_string function. This function is not appropriate for sanitizing command arguments, as it does not escape a number of command-line syntax characters such as ` (backtick), allowing an attacker to inject commands into the variable $rrd_cmd, which gets executed via passthru().
CVSS 7.2