OpenXP-Research

9 exploits Active since Mar 2022
CVE-2024-48359 NOMISEC CRITICAL WORKING POC
Qualitor - Code Injection
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter.
1 stars
CVSS 9.8
CVE-2024-48360 NOMISEC HIGH WRITEUP
Qualitor - SSRF
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.
CVSS 7.5
CVE-2023-47253 NOMISEC CRITICAL WRITEUP
Qualitor < 8.20 - Command Injection
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.
CVSS 9.8
CVE-2022-47131 NOMISEC MEDIUM WORKING POC
Academy LMS <5.10 - CSRF
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page.
CVSS 4.8
CVE-2022-47130 NOMISEC MEDIUM WORKING POC
Academy LMS <5.10 - CSRF
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page.
CVSS 4.3
CVE-2022-47132 NOMISEC HIGH WORKING POC
Academy LMS <5.10 - CSRF
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users.
CVSS 8.8
CVE-2022-29380 NOMISEC MEDIUM WRITEUP
Academy-LMS v4.3 - XSS
Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel.
CVSS 4.8
CVE-2022-2546 NOMISEC MEDIUM WORKING POC
All-in-One WP Migration <7.63 - XSS
The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wm_export AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response that will be executed in the victims session. Note: This requires knowledge of a static secret key
CVSS 4.7
CVE-2021-43650 NOMISEC CRITICAL WORKING POC
WebRun 3.6.0.42 - SQL Injection
WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process.
CVSS 9.8