SukaraLin

4 exploits Active since Jun 2018
CVE-2019-2890 NOMISEC HIGH WORKING POC
Oracle WebLogic Server - RCE
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
44 stars
CVSS 7.2
CVE-2018-12045 WRITEUP CRITICAL WRITEUP
DedeCMS <V5.7SP2 - File Upload
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=upload request with an upfile1 parameter, as demonstrated by uploading a .php file.
CVSS 9.8
CVE-2018-12046 WRITEUP HIGH WRITEUP
DedeCMS <5.7SP2 - Code Injection
DedeCMS through 5.7SP2 allows arbitrary file write in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=newfile request with name and str parameters, as demonstrated by writing to a new .php file.
CVSS 7.5
CVE-2018-12492 WRITEUP HIGH WRITEUP
PHPOK 4.9.032 - File Deletion
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php.
CVSS 7.5