Victor Hanna

5 exploits Active since Jun 2019
CVE-2019-12836 NOMISEC HIGH WRITEUP
Bobronix Jeditor < 3.0.6 - CSRF
The Bobronix JEditor editor before 3.0.6 for Jira allows an attacker to add a URL/Link (to an existing issue) that can cause forgery of a request to an out-of-origin domain. This in turn may allow for a forged request that can be invoked in the context of an authenticated user, leading to stealing of session tokens and account takeover.
7 stars
CVSS 8.8
CVE-2022-43704 NOMISEC MEDIUM WORKING POC
Sinilink XY-WFT1 WiFi Remote Thermostat <1.3.6 - Auth Bypass
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol (udp/1024) commands interfacing directly with the target device. This, in turn, allows for an attack to control the onboard relay without requiring authentication via the mobile application. This might result in an unacceptable temperature within the target device's physical environment.
5 stars
CVSS 5.9
CVE-2021-45901 EXPLOITDB MEDIUM python WORKING POC
ServiceNow Orlando - Info Disclosure
The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists.
CVSS 5.3
CVE-2022-29593 EXPLOITDB MEDIUM python WORKING POC
Dingtian DT-R002 - RCE
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
CVSS 5.9
EIP-2026-100074 EXPLOITDB python WORKING POC
Magic Home Pro 1.5.1 - Authentication Bypass