Rafael Resende

1 exploit Active since Jan 2021
CVE-2020-35131 EXPLOITDB CRITICAL text WORKING POC
Cockpit < 0.6.1 - Remote Code Execution via registerCriteriaFunction
Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI.
CVSS 9.8