andrei2308

3 exploits Active since Aug 2022
CVE-2025-55182 NOMISEC CRITICAL WORKING POC
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
1 stars
CVSS 10.0
CVE-2020-21365 NOMISEC HIGH STUB
Wkhtmltopdf < 0.12.5 - Path Traversal
Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.
CVSS 7.5
CVE-2020-21365 NOMISEC HIGH NO CODE
Wkhtmltopdf < 0.12.5 - Path Traversal
Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.
CVSS 7.5