Sipke Mellema - Security Researcher - Exploit Intelligence Platform

CVE-2019-25290 EXPLOITDB MEDIUM text WORKING POC

Smartliving SmartLAN/G/SI <=6.x - SSRF

Smartliving SmartLAN/G/SI <=6.x contains an unauthenticated server-side request forgery vulnerability in the GetImage functionality through the 'host' parameter. Attackers can exploit the onvif.cgi endpoint by specifying external domains to bypass firewalls and perform network enumeration through arbitrary HTTP requests.

CVSS 5.3

View Code

EIP-2026-113836 EXPLOITDB html WORKING POC

WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery

View Code

EIP-2026-101581 EXPLOITDB python WORKING POC

CBAS-Web 19.0.0 - Remote Code Execution

View Code

CVE-2019-7269 EXPLOITDB CRITICAL bash WORKING POC

Linear eMerge 50P/5000P - Command Injection

Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.

CVSS 9.8

View Code

EIP-2026-101734 EXPLOITDB bash WORKING POC

FlexAir Access Control 2.4.9api3 - Remote Code Execution

View Code