Sergey Gerasimov

3 exploits Active since Sep 2021
CVE-2022-46763 WRITEUP HIGH WRITEUP
TrueConf Server <5.2.6.10025 - SQL Injection
A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code.
CVSS 8.8
CVE-2022-46764 WRITEUP CRITICAL WRITEUP
TrueConf Server <5.2.6 - SQL Injection
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution.
CVSS 9.8
CVE-2021-22005 METASPLOIT CRITICAL ruby WORKING POC
Vmware Cloud Foundation < 5.0 - Path Traversal
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
CVSS 9.8