That-Guy-Steve

2 exploits Active since May 2018

CVE-2022-28368 NOMISEC CRITICAL WORKING POC

dompdf < 1.2.1 - Remote Code Execution via CSS @font-face src:url

Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).

CVSS 9.8

View Code

CVE-2018-1133 NOMISEC HIGH WORKING POC

Moodle 3.1.0-3.1.11, 3.1-3.1.12 - Remote Code Execution via Calculated Question Eval Injection

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection.

CVSS 8.8

View Code