Gabriel H. @weekndr_sec

3 exploits Active since Jan 2017
CVE-2025-5777 NOMISEC HIGH WORKING POC
Citrix Netscaler Application Delivery... - Use of Uninitialized Resource
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
3 stars
CVSS 7.5
CVE-2018-7422 NOMISEC HIGH WORKING POC
Siteeditor Site Editor < 1.1.1 - Path Traversal
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
1 stars
CVSS 7.5
CVE-2017-5487 NOMISEC MEDIUM WORKING POC
Wordpress < 4.7 - Information Disclosure
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
CVSS 5.3