cai-niao98

3 exploits Active since Jun 2022
CVE-2022-26134 NOMISEC CRITICAL WORKING POC
Confluence - Remote Code Execution
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
3 stars
CVSS 9.8
CVE-2022-43030 WRITEUP HIGH WRITEUP
Siyucms - Remote Code Execution
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the background. SIYUCMS is a content management system based on ThinkPaP5 AdminLTE. SIYUCMS has a background command execution vulnerability, which can be used by attackers to gain server privileges
CVSS 7.2
CVE-2022-43031 WRITEUP HIGH WRITEUP
Dedecms - CSRF
DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords.
CVSS 8.8