Fu2x2000

5 exploits Active since Jul 2017
CVE-2023-46747 NOMISEC CRITICAL WORKING POC
F5 BIG-IP 13.1.0-13.1.4 - Unauthenticated Remote Command Execution via Configuration Utility Bypass
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS 9.8
CVE-2017-17058 NOMISEC HIGH WORKING POC
WooCommerce < 3.2.6 - Directory Traversal via Email Template URI
The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code
CVSS 7.5
CVE-2017-7529 NOMISEC HIGH WORKING POC
nginx 0.5.6-1.13.2 - Integer Overflow in Range Filter Module
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
CVSS 7.5
CVE-2017-17058 EXPLOITDB HIGH text WORKING POC
WooCommerce < 3.2.6 - Directory Traversal via Email Template URI
The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code
CVSS 7.5
CVE-2021-33990 EXPLOITDB CRITICAL python SCANNER
Liferay Portal 6.2.5 - OS Command Injection via File Upload Request
Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor disputes this issue because the exploit reference link only shows frmfolders.html is accessible and does not demonstrate how an unauthorized user can upload a file.
CVSS 9.8