creosote

2 exploits Active since Sep 2019
CVE-2019-15813 EXPLOITDB HIGH text WORKING POC
Sentrifugo 3.2 - Authenticated Arbitrary File Upload via Restriction Bypass
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
CVSS 8.8
CVE-2019-15814 EXPLOITDB MEDIUM text WORKING POC
Sentrifugo 3.2 - Authenticated Stored Cross-Site Scripting
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
CVSS 5.4