Jinny Ramsmark

4 exploits Active since Dec 2019
CVE-2019-19634 NOMISEC CRITICAL WORKING POC
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
36 stars
CVSS 9.8
CVE-2019-19576 NOMISEC CRITICAL WORKING POC
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
12 stars
CVSS 9.8
CVE-2020-37186 EXPLOITDB CRITICAL python WORKING POC
Chevereto 3.13.4 Core - RCE
Chevereto 3.13.4 Core contains a remote code execution vulnerability that allows attackers to inject malicious code during database configuration installation. Attackers can manipulate the database table prefix parameter to write a PHP shell file and execute arbitrary system commands through a crafted POST request.
CVSS 9.8
CVE-2019-19576 EXPLOITDB CRITICAL php WORKING POC
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
CVSS 9.8