Youssef Muhammad - Security Researcher - Exploit Intelligence Platform

CVE-2022-41544 GITLAB CRITICAL WORKING POC

GetSimple CMS 3.3.16 - Remote Code Execution via Edited File Parameter

GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.

CVSS 9.8

View Code

CVE-2022-41544 GITLAB CRITICAL WORKING POC

GetSimple CMS 3.3.16 - Remote Code Execution via Edited File Parameter

GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.

CVSS 9.8

View Code

CVE-2022-41544 NOMISEC CRITICAL WORKING POC

GetSimple CMS 3.3.16 - Remote Code Execution via Edited File Parameter

GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.

CVSS 9.8

View Code

CVE-2022-41544 EXPLOITDB CRITICAL python WORKING POC

GetSimple CMS 3.3.16 - Remote Code Execution via Edited File Parameter

GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.

CVSS 9.8

View Code

EIP-2026-104151 EXPLOITDB python WORKING POC

Adobe ColdFusion versions 2018_15 (and earlier) and 2021_5 and earlier - Arbitrary File Read

View Code

CVE-2023-0669 EXPLOITDB HIGH java WORKING POC

Fortra GoAnywhere MFT Unsafe Deserialization RCE

Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.

CVSS 7.2

View Code