dinhbaouit

4 exploits Active since Sep 2018
CVE-2021-26084 NOMISEC CRITICAL WORKING POC
Atlassian Confluence Server and Data Center - OGNL Injection
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
54 stars
CVSS 9.8
CVE-2021-36394 NOMISEC CRITICAL WORKING POC
Moodle - Remote Code Execution in Shibboleth Authentication Plugin
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.
12 stars
CVSS 9.8
CVE-2021-3156 NOMISEC HIGH WORKING POC
Sudo Heap-Based Buffer Overflow
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
5 stars
CVSS 7.8
CVE-2018-16763 NOMISEC CRITICAL WORKING POC
FUEL CMS < 1.4.2 - Unauthenticated Remote Code Execution via Pages Filter or Preview Data Parameter
FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.
1 stars
CVSS 9.8