William Bowling (vakzz) - Security Researcher - Exploit Intelligence Platform

CVE-2020-10977 NOMISEC MEDIUM WORKING POC

GitLab EE/CE <12.9 - Path Traversal

GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.

4 stars

CVSS 5.5

View Code

CVE-2022-2992 METASPLOIT CRITICAL ruby WORKING POC

GitLab GitHub Repo Import Deserialization RCE

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.

CVSS 9.9

View Code

CVE-2020-10977 METASPLOIT MEDIUM ruby WORKING POC

GitLab EE/CE <12.9 - Path Traversal

GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.

CVSS 5.5

View Code

EIP-2026-114697 EXPLOITDB text WORKING POC

GitLab 12.9.0 - Arbitrary File Read

View Code