Mefhika120

5 exploits Active since Jan 2026
CVE-2026-3786 NOMISEC MEDIUM WORKING POC
easycms < 1.6 - SQL Injection via _order Parameter in Request Parameter Handler
A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument _order results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 6.3
CVE-2026-21876 NOMISEC CRITICAL WORKING POC
OWASP CRS <4.22.0-3.3.8 - Info Disclosure
The OWASP core rule set (CRS) is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart requests with multiple parts. When the first rule in a chain iterates over a collection (like `MULTIPART_PART_HEADERS`), the capture variables (`TX:0`, `TX:1`) get overwritten with each iteration. Only the last captured value is available to the chained rule, which means malicious charsets in earlier parts can be missed if a later part has a legitimate charset. Versions 4.22.0 and 3.3.8 patch the issue.
CVSS 9.3
CVE-2026-24061 NOMISEC CRITICAL WORKING POC
GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
CVSS 9.8
CVE-2025-60021 NOMISEC CRITICAL WORKING POC
Apache bRPC < 1.15.0 - Remote Command Injection via Heap Profiler extra_options Parameter
Remote command injection vulnerability in heap profiler builtin service in Apache bRPC ((all versions < 1.15.0)) on all platforms allows attacker to inject remote command. Root Cause: The bRPC heap profiler built-in service (/pprof/heap) does not validate the user-provided extra_options parameter and executes it as a command-line argument. Attackers can execute remote commands using the extra_options parameter.. Affected scenarios: Use the built-in bRPC heap profiler service to perform jemalloc memory profiling. How to Fix: we provide two methods, you can choose one of them: 1. Upgrade bRPC to version 1.15.0. 2. Apply this patch ( https://github.com/apache/brpc/pull/3101 ) manually.
CVSS 9.8
CVE-2025-64155 NOMISEC CRITICAL WRITEUP
FortiSIEM 6.7.0-6.7.10, 7.0.0-7.0.4, 7.1.0-7.1.8, 7.3.0-7.3.4, 7.4.0 - OS Command Injection via TCP Requests
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute unauthorized code or commands via crafted TCP requests.
CVSS 9.8