Maximilian Barz (@S1lkys)

2 exploits Active since Apr 2020
CVE-2020-11107 NOMISEC HIGH WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8
CVE-2020-11107 EXPLOITDB HIGH powershell WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8