btar1gan

6 exploits Active since Feb 2022
CVE-2024-39205 NOMISEC CRITICAL WORKING POC
pyload-ng v0.5.0b3.dev85 - Remote Code Execution via Crafted HTTP Request
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.
1 stars
CVSS 9.8
CVE-2022-24112 NOMISEC CRITICAL WORKING POC
APISIX Admin API default access token RCE
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
1 stars
CVSS 9.8
CVE-2023-27163 NOMISEC MEDIUM NO CODE
request-baskets < 1.2.1 - Server-Side Request Forgery via /api/baskets/{name} Endpoint
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
CVSS 6.5
CVE-2023-33831 NOMISEC CRITICAL WORKING POC
FUXA 1.1.13 - Remote Code Execution via /api/runscript Endpoint
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.
CVSS 9.8
CVE-2022-35914 NOMISEC CRITICAL NO CODE
GLPI htmLawed php command injection
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
CVSS 9.8
CVE-2023-0297 NOMISEC CRITICAL NO CODE
pyLoad js2py Python Execution
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.
CVSS 9.8