Subodh

2 exploits Active since Apr 2019

CVE-2018-18823 WRITEUP MEDIUM WORKING POC

WolfCMS 0.8.3.1 - Stored Cross-Site Scripting via SVG File Upload

WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/.

CVSS 4.8

View Code

CVE-2021-33926 WRITEUP HIGH WRITEUP

Plone 4.3.2-5.2.4 - Server-Side Request Forgery via RSS Feed Portlet

An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allows attacker to access sensitive information via the RSS feed protlet.

CVSS 8.8

View Code