Podalirius

16 exploits Active since Sep 2018
CVE-2021-43008 NOMISEC HIGH WORKING POC
Adminer <4.6.2 - Info Disclosure
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
88 stars
CVSS 7.5
CVE-2022-21907 NOMISEC CRITICAL WORKING POC
HTTP Protocol Stack - RCE
HTTP Protocol Stack Remote Code Execution Vulnerability
83 stars
CVSS 9.8
CVE-2020-14144 NOMISEC HIGH WORKING POC
Gitea < 1.12.5 - OS Command Injection
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.
30 stars
CVSS 7.2
CVE-2018-16763 NOMISEC CRITICAL WORKING POC
FUEL CMS 1.4.1 - RCE
FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.
23 stars
CVSS 9.8
CVE-2016-10956 NOMISEC HIGH WORKING POC
Mail-masta - Improper Input Validation
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
20 stars
CVSS 7.5
CVE-2022-30780 NOMISEC HIGH WORKING POC
Lighttpd 1.4.56-1.4.58 - DoS
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
17 stars
CVSS 7.5
CVE-2022-26159 NOMISEC MEDIUM WORKING POC
Ametys CMS <4.5.0 - Info Disclosure
The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/<domain>/en.xml (and similar pathnames for other languages), which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords.
14 stars
CVSS 5.3
CVE-2021-31800 NOMISEC CRITICAL WORKING POC
Secureauth Impacket < 0.9.22 - Path Traversal
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.
10 stars
CVSS 9.8
CVE-2025-26529 NOMISEC HIGH WORKING POC
Moodle < 4.1.16 - XSS
Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
9 stars
CVSS 8.3
CVE-2020-8813 NOMISEC HIGH WORKING POC
Cacti 1.2.8 - Command Injection
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
7 stars
CVSS 8.8
CVE-2022-36446 NOMISEC CRITICAL WORKING POC
Webmin <1.997 - XSS
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
CVSS 9.8
CVE-2016-10956 INTHEWILD HIGH WORKING POC
Mail-masta - Improper Input Validation
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
CVSS 7.5
CVE-2020-15867 METASPLOIT HIGH ruby WORKING POC
Gogs < 0.12.2 - Remote Code Execution
The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a "Product UI does not Warn User of Unsafe Actions" issue.
CVSS 7.2
CVE-2020-14144 METASPLOIT HIGH ruby WORKING POC
Gitea < 1.12.5 - OS Command Injection
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.
CVSS 7.2
EIP-2026-104263 EXPLOITDB python WORKING POC
Gitea 1.12.5 - Remote Code Execution (Authenticated)
CVE-2020-1147 EXPLOITDB HIGH python WORKING POC
Microsoft .net Core < 15.9 - Remote Code Execution
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
CVSS 7.8