Vishwaraj Bhattrai

4 exploits Active since Jun 2019
CVE-2022-44384 EXPLOITDB HIGH python WORKING POC
rconfig <3.9.6 - RCE
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS 8.8
CVE-2022-43138 EXPLOITDB CRITICAL text WORKING POC
Dolibarr Open Source ERP & CRM <14.0.1 - Privilege Escalation
Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.
CVSS 9.8
CVE-2022-44384 METASPLOIT HIGH ruby WORKING POC
rconfig <3.9.6 - RCE
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS 8.8
CVE-2018-20523 EXPLOITDB MEDIUM text WORKING POC
MI Stock Browser - Command Injection
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
CVSS 5.3