Himash

4 exploits Active since Nov 2018
CVE-2018-19410 NOMISEC CRITICAL WORKING POC
PRTG Network Monitor <18.2.40.1683 - Local File Inclusion
PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including administrator). A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local File Inclusion attack, by including /api/addusers and executing it. By providing the 'id' and 'users' parameters, an unauthenticated attacker can create a user with read-write privileges (including administrator).
3 stars
CVSS 9.8
CVE-2024-26492 EXPLOITDB MEDIUM text WORKING POC
Online Diagnostic Lab Management System 1.0 - RCE
An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters.
CVSS 6.3
EIP-2026-110084 EXPLOITDB text WRITEUP
Online Diagnostic Lab Management System 1.0 - SQL Injection (Unauthenticated)
EIP-2026-110085 EXPLOITDB text WORKING POC
Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)