Sebastian Neef

3 exploits Active since Sep 2019
CVE-2019-17671 EXPLOITDB MEDIUM WRITEUP
Wordpress < 5.2.4 - Information Disclosure
In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.
CVSS 5.3
CVE-2019-10092 EXPLOITDB MEDIUM WRITEUP
Apache HTTP Server <2.4.40 - XSS
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
CVSS 6.1
CVE-2019-10098 EXPLOITDB MEDIUM WORKING POC
Apache HTTP Server <2.4.40 - SSRF
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
CVSS 6.1