Engin Demirbilek

3 exploits Active since Feb 2020
CVE-2020-10221 EXPLOITDB HIGH python WORKING POC
rconfig < 3.9.4 - Authenticated Remote Code Execution via fileName POST Parameter
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.
CVSS 8.8
CVE-2020-8947 EXPLOITDB HIGH python WORKING POC
Artica Pandora FMS 7.0 - Authenticated OS Command Injection via Netflow Live View Parameters
functions_netflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the index.php?operation/netflow/nf_live_view ip_dst, dst_port, or src_port parameter, a different vulnerability than CVE-2019-20224.
CVSS 7.2
EIP-2026-105777 EXPLOITDB python WORKING POC
Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution