Tomasz Chiliński

3 exploits, active since Jun 2026
CVE-2026-40455 (severity: HIGH)
LMS < 4cb30a7 tarifflist.php - Authenticated SQL Injection
An SQL Injection vulnerability exists in LMS (LAN Management System) before commit 4cb30a7 within the "tarifflist.php" module due to insufficient sanitization of the POST "tg[]" parameter. The application concatenates the user-supplied array values directly into an SQL query using "implode()", allowing an authenticated attacker to perform error-based SQL injection and extract sensitive information from the database.
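To make the implode() pattern concrete, the following added illustration (not LMS code, and not from the writeup) contrasts the unsafe shape described above with two hardened variants; the table and column names, the PDO handle and the helper names are assumed for the example.

```php
<?php
// Added illustration, not LMS code. Table/column names are invented for the example.

// Unsafe shape: every element of tg[] is spliced into the SQL text as-is, so the
// request controls the statement's syntax (this is the defect the advisory describes).
function build_tariff_query_unsafe(array $tg): string
{
    return "SELECT id, name FROM tariffs WHERE taxid IN (" . implode(',', $tg) . ")";
}

// Hardened shape 1: reduce each element to a non-negative integer before it goes anywhere.
function tariff_ids_from_request(array $tg): array
{
    $ids = [];
    foreach ($tg as $value) {
        // $_POST values are strings (or nested arrays); keep only plain digit strings.
        if (!is_scalar($value) || !ctype_digit((string) $value)) {
            continue;
        }
        $ids[] = (int) $value;
    }
    return array_values(array_unique($ids));
}

// Hardened shape 2: keep the values out of the SQL text entirely with bound parameters,
// building only the placeholder list with implode().
function fetch_tariffs(PDO $db, array $tg): array
{
    $ids = tariff_ids_from_request($tg);
    if ($ids === []) {
        return [];
    }
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $db->prepare("SELECT id, name FROM tariffs WHERE taxid IN ($placeholders)");
    foreach ($ids as $i => $id) {
        $stmt->bindValue($i + 1, $id, PDO::PARAM_INT); // positional parameters are 1-based
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Request handling as the module would see it: tg[] may be absent or not an array at all.
$tg = $_POST['tg'] ?? [];
if (!is_array($tg)) {
    $tg = [];
}
// $rows = fetch_tariffs($db, $tg);  // $db: an existing PDO connection (assumed)
```

Either hardened variant alone closes the injection; using both also gives the handler a clean integer list to validate against further (ownership, existence) before the query runs.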
CVE-2026-40456 (severity: HIGH)
LMS < 9fcb4de IP Address Parameter - OS Command Injection
An OS Command Injection vulnerability exists in LMS (LAN Management System) before commit 9fcb4de due to an IP address parameter being passed to the "exec()" function without proper validation, allowing attackers to execute arbitrary operating system commands.
CVE-2026-40457 (severity: LOW)
LMS < 9c5651b dbrecover.php/netremap.php - Reflected Cross-Site Scripting
A Reflected Cross-Site Scripting (XSS) vulnerability exists in LMS (LAN Management System) before commit 9c5651b in the "dbrecover.php" and "netremap.php" modules where unsanitized GET parameters are directly embedded into HTML output. This allows an attacker to inject arbitrary JavaScript when an authenticated user clicks a crafted link, provided the required conditions (such as a network defined in the system) are met.