Mesh3l911

12 exploits Active since Jan 2021
CVE-2021-31761 NOMISEC CRITICAL WORKING POC
Webmin 1.973 - Reflected Cross-Site Scripting to Remote Command Execution via Running Process Feature
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
5 stars
CVSS 9.6
CVE-2021-31760 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery to Remote Command Execution via Running Process Feature
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
2 stars
CVSS 8.8
CVE-2021-32162 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery via File Manager
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
1 stars
CVSS 8.8
CVE-2021-31762 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery via User Addition Feature
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
1 stars
CVSS 8.8
CVE-2021-32157 NOMISEC CRITICAL WORKING POC
Webmin 1.973 - Stored Cross-Site Scripting via Scheduled Cron Jobs Feature
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
1 stars
CVSS 9.6
CVE-2021-3138 NOMISEC HIGH WORKING POC
Discourse 2.7.0-beta1 - Two-Factor Authentication Bypass via Rate-Limit Bypass
In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms.
1 stars
CVSS 7.5
CVE-2021-32161 NOMISEC MEDIUM WORKING POC
Webmin 1.973 - Stored Cross-Site Scripting in File Manager
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
CVSS 6.1
CVE-2021-32158 NOMISEC MEDIUM WORKING POC
Webmin 1.973 - Stored Cross-Site Scripting via Upload and Download Feature
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
CVSS 6.1
CVE-2021-32159 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery via Upload and Download Feature
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
CVSS 8.8
CVE-2021-32160 NOMISEC MEDIUM WORKING POC
Webmin 1.973 - Stored Cross-Site Scripting via Add Users Feature
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
CVSS 6.1
CVE-2021-32156 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery via Scheduled Cron Jobs
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
CVSS 8.8
CVE-2021-32157 NOMISEC CRITICAL WORKING POC
Webmin 1.973 - Stored Cross-Site Scripting via Scheduled Cron Jobs Feature
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
CVSS 9.6