MikeTheHash

2 exploits Active since Jan 2018

CVE-2018-5955 NOMISEC CRITICAL WORKING POC

GitStack <2.3.10 - Privilege Escalation

An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI.

10 stars

CVSS 9.8

View Code

CVE-2025-55182 NOMISEC CRITICAL WORKING POC

React Server Components <19.2.0 - RCE

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

CVSS 10.0

View Code