Mounir Aarab

3 exploits Active since Sep 2024
CVE-2024-44685 WRITEUP MEDIUM WRITEUP
Titan SFTP & Titan MFT Server <2.0.25.2426 - Info Disclosure
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability where sensitive information, including passwords, is exposed in clear text within the JSON response when configuring SMTP settings via the Web UI.
CVSS 5.0
CVE-2024-45527 WRITEUP MEDIUM WRITEUP
REDCap <14.7.0 - XSS
REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead to resultant logout CSRF via index.php?logout=1, and can also be used to insert a link to an external phishing website.
CVSS 6.1
CVE-2024-45528 WRITEUP MEDIUM WRITEUP
CodeAstro MembershipM-PHP 1.0 - XSS
CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php fullname stored XSS.
CVSS 5.4