Rodolfo Mariano

5 exploits Active since Apr 2021
CVE-2023-33831 NOMISEC CRITICAL WORKING POC
FUXA 1.1.13 - Remote Code Execution via /api/runscript Endpoint
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.
10 stars
CVSS 9.8
CVE-2024-57698 NOMISEC HIGH WORKING POC
modernwms 1.0 - Unauthenticated Information Disclosure via User List Endpoint
An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the /user/list?culture=en-us endpoint.
CVSS 7.5
EIP-2026-114748 EXPLOITDB text WORKING POC
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)
CVE-2021-32403 EXPLOITDB HIGH html WORKING POC
Intelbras RF 301K Firmware 1.1.2 - Cross-Site Request Forgery
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules.
CVSS 8.8
CVE-2021-31152 EXPLOITDB HIGH html WORKING POC
Multilaser Router AC1200 V02.03.01.45_pt - CSRF
Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfigured requests, entries, and headers.
CVSS 8.8