Mohin Paramasivam

7 exploits | Active since May 2019
CVE-2018-19571 EXPLOITDB HIGH python WORKING POC
GitLab CE/EE <11.3.11-11.5.1 - SSRF
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
CVSS 7.7
EIP-2026-114684 EXPLOITDB python WORKING POC
Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated)
CVE-2018-19585 EXPLOITDB HIGH python WORKING POC
GitLab CE/EE <11.3.11-11.5.1 - CRLF Injection
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
CVSS 7.5
EIP-2026-114104 EXPLOITDB python WORKING POC
WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection (2)
CVE-2019-14287 EXPLOITDB HIGH python WORKING POC
Sudo <1.8.28 - Privilege Escalation
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
CVSS 8.8
EIP-2026-102787 EXPLOITDB bash WORKING POC
Bash 5.0 Patch 11 - SUID Priv Drop Exploit
CVE-2019-20085 EXPLOITDB HIGH python WORKING POC
TVT NVMS-1000 Firmware - Path Traversal
TVT NVMS-1000 devices allow GET /.. Directory Traversal
CVSS 7.5