Naveen Sunkavally

7 exploits Active since Apr 2022
CVE-2025-3248 NOMISEC CRITICAL WRITEUP
Langflow AI - Unauthenticated Remote Code Execution
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
1 stars
CVSS 9.8
CVE-2024-24809 METASPLOIT HIGH ruby WORKING POC
Traccar - Unrestricted File Upload
Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this vulnerability to upload files with the prefix `device.` under any folder. Attackers can use this vulnerability for phishing, cross-site scripting attacks, and potentially execute arbitrary commands on the server. Version 6.0 contains a patch for the issue.
CVSS 8.5
CVE-2023-27524 METASPLOIT HIGH ruby WORKING POC
Apache Superset Signed Cookie Priv Esc
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config. All superset installations should always set a unique secure random SECRET_KEY. Your SECRET_KEY is used to securely sign all session cookies and encrypting sensitive information on the database. Add a strong SECRET_KEY to your `superset_config.py` file like: SECRET_KEY = <YOUR_OWN_RANDOM_GENERATED_SECRET_KEY> Alternatively you can set it with `SUPERSET_SECRET_KEY` environment variable.
CVSS 8.9
CVE-2023-37679 METASPLOIT CRITICAL ruby WORKING POC
Mirth Connect Deserialization RCE
A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.
CVSS 9.8
CVE-2022-28219 METASPLOIT CRITICAL ruby WORKING POC
ManageEngine ADAudit Plus CVE-2022-28219
Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
CVSS 9.8
CVE-2023-39265 METASPLOIT LOW ruby WORKING POC
Apache Superset <= 2.1.0 - SQLite Database Connection Manipulation via Alternative Driver Names
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is using a SQLite database for its metadata (not advised for production use) it could result in more severe vulnerabilities related to confidentiality and integrity. This vulnerability exists in Apache Superset versions up to and including 2.1.0.
CVSS 3.8
CVE-2024-31214 METASPLOIT CRITICAL ruby WORKING POC
Traccar 5.1-5.12 - Unauthenticated Arbitrary File Upload via Device Image API
Traccar is an open source GPS tracking system. Traccar versions 5.1 through 5.12 allow arbitrary files to be uploaded through the device image upload API. Attackers have full control over the file contents, full control over the directory where the file is stored, full control over the file extension, and partial control over the file name. While it's not for an attacker to overwrite an existing file, an attacker can create new files with certain names and attacker-controlled extensions anywhere on the file system. This can potentially lead to remote code execution, XSS, DOS, etc. The default install of Traccar makes this vulnerability more severe. Self-registration is enabled by default, allowing anyone to create an account to exploit this vulnerability. Traccar also runs by default with root/system privileges, allowing files to be placed anywhere on the file system. Version 6.0 contains a fix for the issue. One may also turn off self-registration by default, as that would make most vulnerabilities in the application much harder to exploit by default and reduce the severity considerably.
CVSS 9.6