Georgios Tsimpidas

3 exploits Active since Jun 2024
CVE-2024-31777 NOMISEC CRITICAL WORKING POC
openeclass < 3.15 - Remote Code Execution via certbadge.php File Upload
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint.
1 stars
CVSS 9.8
CVE-2024-33253 WRITEUP MEDIUM WRITEUP
openeclass < 3.15 - Authenticated Stored Cross-Site Scripting via Badge Template Fields
Cross-site scripting (XSS) vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function.
CVSS 5.4
CVE-2024-31777 EXPLOITDB CRITICAL text WORKING POC
openeclass < 3.15 - Remote Code Execution via certbadge.php File Upload
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint.
CVSS 9.8