Hubert Wojciechowski

22 exploits Active since Aug 2023
CVE-2023-53975 EXPLOITDB HIGH text WORKING POC
Atom CMS 2.0 - SQL Injection
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
CVSS 7.5
CVE-2023-53972 EXPLOITDB HIGH text WORKING POC
WebTareas 2.4 - SQL Injection
WebTareas 2.4 contains a SQL injection vulnerability in the webTareasSID cookie parameter that allows unauthenticated attackers to manipulate database queries. Attackers can exploit error-based and time-based blind SQL injection techniques to extract database information and potentially access sensitive system data.
CVSS 7.5
CVE-2023-53971 EXPLOITDB HIGH text WORKING POC
WebTareas 2.4 - File Upload
WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and execute it directly through the generated file path.
CVSS 8.8
CVE-2023-36121 EXPLOITDB MEDIUM text WORKING POC
e107 <2.3.2 - XSS
Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to execute arbitrary code via the description function in the SEO project.
CVSS 5.4
CVE-2022-50939 EXPLOITDB HIGH text WORKING POC
e107 CMS <3.2.1 - Path Traversal
e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality (image.php) where the upload_caption parameter is not properly sanitized. An attacker with administrative privileges can use directory traversal sequences (../../../) in the upload_caption field to overwrite critical system files outside the intended upload directory. This can lead to complete compromise of the web application by overwriting configuration files, executable scripts, or other critical system components. The vulnerability was discovered by Hubert Wojciechowski and affects the image.php component in the admin interface.
CVSS 7.2
CVE-2022-50916 EXPLOITDB HIGH text WORKING POC
e107 CMS <3.2.1 - File Upload
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing files like top.php in the web application directory.
CVSS 7.2
CVE-2022-50907 EXPLOITDB HIGH text WORKING POC
e107 CMS <3.2.1 - Authenticated RCE
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote code execution through the Media Manager import feature.
CVSS 7.2
CVE-2022-50906 EXPLOITDB MEDIUM text WORKING POC
e107 CMS 3.2.1 - XSS
e107 CMS 3.2.1 contains an upload restriction bypass vulnerability that allows authenticated administrators to upload malicious SVG files through the media manager. Attackers with admin privileges can exploit this vulnerability to upload SVG files with embedded cross-site scripting (XSS) payloads that can execute arbitrary scripts when viewed.
CVSS 4.8
CVE-2022-50905 EXPLOITDB CRITICAL text WORKING POC
e107 CMS 3.2.1 - XSS
e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting (XSS) attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code through the URL parameter that gets executed when users click outside the comment field after typing content. The second vulnerability involves an upload restriction bypass for authenticated administrators, allowing them to upload SVG files containing malicious code through the media manager's remote URL upload feature. This results in stored XSS when the uploaded SVG files are accessed. These vulnerabilities were discovered by Hubert Wojciechowski and affect the news.php and image.php components of the CMS.
CVSS 9.8
CVE-2021-47721 EXPLOITDB HIGH text WORKING POC
Orangescrum - IDOR
Orangescrum 1.8.0 contains a privilege escalation vulnerability that allows authenticated users to take over other project-assigned accounts by manipulating session cookies. Attackers can extract the victim's unique ID from the page source and replace their own session cookie to gain unauthorized access to another user's account.
CVSS 8.8
CVE-2021-47720 EXPLOITDB HIGH text WORKING POC
Orangescrum - SQL Injection
Orangescrum 1.8.0 contains an authenticated SQL injection vulnerability that allows authorized users to manipulate database queries through multiple vulnerable parameters. Attackers can inject malicious SQL code into parameters like old_project_id, project_id, uuid, and uniqid to potentially extract or modify database information.
CVSS 7.1
CVE-2021-47716 EXPLOITDB MEDIUM text WORKING POC
Orangescrum - XSS
Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through various input parameters. Attackers can exploit parameters like 'projid', 'CS_message', and 'name' to execute arbitrary JavaScript code in victim's browsers by submitting crafted payloads through application endpoints.
CVSS 5.4
EIP-2026-113376 EXPLOITDB text WORKING POC
WebTareas 2.4 - Reflected XSS (Unauthorised)
EIP-2026-112939 EXPLOITDB text WORKING POC
Uvdesk 1.1.4 - Stored XSS (Authenticated)
EIP-2026-110196 EXPLOITDB text WORKING POC
Online Traffic Offense Management System 1.0 - Multiple XSS (Unauthenticated)
EIP-2026-110195 EXPLOITDB text WORKING POC
Online Traffic Offense Management System 1.0 - Multiple SQL Injection (Unauthenticated)
EIP-2026-110194 EXPLOITDB text WORKING POC
Online Traffic Offense Management System 1.0 - Multiple RCE (Unauthenticated)
EIP-2026-110273 EXPLOITDB text WORKING POC
opencart 3.0.3.8 - Sessjion Injection
EIP-2026-110197 EXPLOITDB text WORKING POC
Online Traffic Offense Management System 1.0 - Privilage escalation (Unauthenticated)
EIP-2026-109908 EXPLOITDB text WORKING POC
News Portal v4.0 - SQL Injection (Unauthorized)
EIP-2026-105004 EXPLOITDB text WORKING POC
Aero CMS v0.0.1 - SQL Injection (no auth)
EIP-2026-105003 EXPLOITDB text WORKING POC
Aero CMS v0.0.1 - PHP Code Injection (auth)