JavierOlmedo

3 exploits Active since Feb 2018
CVE-2018-6396 NOMISEC CRITICAL WORKING POC
Google Map Landkarten <= 4.2.3 - SQL Injection via cid/id/map Parameters
SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.
8 stars
CVSS 9.8
CVE-2020-9038 NOMISEC MEDIUM WORKING POC
Joplin < 1.0.184 - Stored Cross-Site Scripting and Arbitrary File Read
Joplin through 1.0.184 allows Arbitrary File Read via XSS.
5 stars
CVSS 5.4
CVE-2018-6389 NOMISEC HIGH WORKING POC
WordPress < 4.9.2 - Unauthenticated Denial of Service via Repeated JavaScript File Loading
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
2 stars
CVSS 7.5