Simon Scannell

5 exploits Active since May 2022
CVE-2018-25114 EXPLOITDB CRITICAL python WORKING POC
osCommerce Online Merchant <2.3.4.1 - RCE
A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can invoke install_4.php, submit crafted POST data, and inject arbitrary PHP code into the configure.php file. When the application later includes this file, the injected payload is executed, resulting in full server-side compromise.
CVE-2018-25114 METASPLOIT CRITICAL ruby WORKING POC
osCommerce Online Merchant <2.3.4.1 - RCE
A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can invoke install_4.php, submit crafted POST data, and inject arbitrary PHP code into the configure.php file. When the application later includes this file, the injected payload is executed, resulting in full server-side compromise.
CVE-2022-30333 METASPLOIT HIGH ruby WORKING POC
UnRAR Path Traversal (CVE-2022-30333)
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVSS 7.5
CVE-2022-30333 METASPLOIT HIGH ruby WORKING POC
UnRAR Path Traversal (CVE-2022-30333)
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVSS 7.5
EIP-2026-110378 EXPLOITDB python WORKING POC
osCommerce 2.3.4.1 - Arbitrary File Upload