Nicola Iarocci

1 exploit Active since Mar 2018
CVE-2018-8097 WRITEUP CRITICAL WRITEUP
Eve < 0.7.5 - Remote Code Execution via MongoDB Where Parameter
io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
CVSS 9.8