Mohammed Fadhl Al-Barbari aka @m4dm0e

2 exploits Active since Dec 2020
CVE-2020-29597 WRITEUP CRITICAL WRITEUP
IncomCMS 2.0 - Unauthenticated Unrestricted File Upload via modules/uploader/showcase/script.php
IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.
CVSS 9.8
CVE-2021-3018 WRITEUP CRITICAL WRITEUP
ipeak Infosystems ibexwebCMS <3.5 - SQL Injection
ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page.
CVSS 9.8