Guilhem RIOUX

8 exploits Active since Aug 2023
CVE-2023-26469 NOMISEC CRITICAL WORKING POC
Jorani 1.0.0 - Path Traversal
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.
CVSS 9.8
CVE-2022-41572 WRITEUP CRITICAL WORKING POC
EyesOfNetwork <5.3.11 - Privilege Escalation
An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be accomplished on the server because nmap can be run as root. The attacker achieves total control over the server.
CVSS 9.8
CVE-2022-41573 WRITEUP CRITICAL WORKING POC
Ovidentia 8.3 - RCE
An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution.
CVSS 9.8
CVE-2022-45185 WRITEUP HIGH WORKING POC
SalesAgility SuiteCRM - Insecure Deserialization
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution.
CVSS 8.8
CVE-2022-45186 WRITEUP HIGH WORKING POC
SuiteCRM 7.12.7 - Privilege Escalation
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can recover an arbitrary field of a database.
CVSS 8.1
CVE-2023-23563 WRITEUP MEDIUM WORKING POC
Geomatika IsiGeo Web - SQL Injection
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection.
CVSS 6.5
CVE-2023-23564 WRITEUP HIGH WORKING POC
Geomatika IsiGeo Web - Command Injection
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to execute commands.
CVSS 8.8
CVE-2023-23565 WRITEUP MEDIUM WORKING POC
Geomatika IsiGeo Web - Remote File Inclusion
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion.
CVSS 4.9