davidxbors

3 exploits Active since Apr 2024
CVE-2025-25014 NOMISEC CRITICAL SCANNER
Kibana - Code Injection
A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints.
1 stars
CVSS 9.1
CVE-2023-47504 NOMISEC MEDIUM WORKING POC
Elementor Website Builder < 3.16.5 - Authentication Bypass
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4.
1 stars
CVSS 6.5
CVE-2024-7399 NOMISEC HIGH WORKING POC
Samsung MagicINFO 9 Server Remote Code Execution (CVE-2024-7399)
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
CVSS 8.8