exploit-
intel
Search
Blog
Stats
Labs
Tools
Tools
EIP CLI Search Tool
EIP MCP Server
EIP REST API
API Rate Limits
About
About
About Exploit Intel
About Exploit Forge
Privacy Policy
RSS Feeds
Blog Posts
Recent CVEs
CVEs with Exploits
CISA KEV
Theme
Color Theme
Cyan
Amber
Milw0rm
Light Warm
Paper
Navy
Search
Blog
Statistics
Labs
Tools
EIP CLI Search Tool
EIP MCP Server
EIP REST API
API Rate Limits
About
About Exploit Forge
Privacy
Exploit Database
Researchers
CWE Categories
Vendors
Ecosystems
RSS Feeds
Blog Posts
Recent CVEs
CVEs with Exploits
CISA KEV
Follow:
Theme:
Home
/
Researchers
/
crstaicu
crstaicu
2
exploits
Active since Mar 2019
CVE-2019-5413
NOMISEC
CRITICAL
TROJAN
morgan < 1.9.1 - Remote Code Execution via Format Parameter Injection
An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1.
CVSS 9.8
View Code
CVE-2019-5414
NOMISEC
HIGH
SUSPICIOUS
kill-port < 1.3.2 - Command Injection
If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port < 1.3.2.
CVSS 8.1
View Code