KrE80r

7 exploits Active since Nov 2016
CVE-2019-12840 NOMISEC HIGH WORKING POC
Webmin < 1.910 - Authenticated Remote Command Execution via Package Updates Module
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
8 stars
CVSS 8.8
CVE-2025-34299 NOMISEC CRITICAL WRITEUP
Monsta FTP < 2.11 - Unauthenticated Arbitrary File Upload
Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.
CVSS 9.8
CVE-2025-13486 NOMISEC CRITICAL WORKING POC
Advanced Custom Fields: Extended <0.9.1.1 - RCE
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes it possible for unauthenticated attackers to execute arbitrary code on the server, which can be leveraged to inject backdoors or create new administrative user accounts.
CVSS 9.8
CVE-2024-44902 NOMISEC CRITICAL WORKING POC
Thinkphp 6.1.3-8.0.4 - Code Injection
A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.
CVSS 9.8
CVE-2021-3007 NOMISEC CRITICAL WORKING POC
Laminas Project laminas-http <2.14.2 - Code Injection
Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer supported by the maintainer. NOTE: the laminas-http vendor considers this a "vulnerability in the PHP language itself" but has added certain type checking as a way to prevent exploitation in (unrecommended) use cases where attacker-supplied data can be deserialized
CVSS 9.8
CVE-2020-13756 NOMISEC CRITICAL WORKING POC
sabberworm/php_css_parser < 8.3.1 - Remote Code Execution via eval in allSelectors or getSelectorsBySpecificity
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors() or getSelectorsBySpecificity() is called with input from an attacker.
CVSS 9.8
CVE-2016-5195 VULNCHECK_XDB HIGH WORKING POC
Linux Kernel 2.x-4.x < 4.8.3 - Local Privilege Escalation via Dirty COW Race Condition
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVSS 7.0