giulioschiavone

3 exploits Active since Oct 2025
CVE-2025-61197 WRITEUP HIGH WRITEUP
Orban Optimod <1.0.0.33-2.5.26 - Privilege Escalation
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage
CVSS 8.9
CVE-2025-61198 WRITEUP MEDIUM WRITEUP
Optimod 5950 5950HD 5750 5750HD Trio 1.0.0.33 System 2.5.26 - Stored Cross-Site Scripting in Log Renderer
A stored cross-site scripting (XSS) vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
CVSS 5.4
CVE-2025-67397 WRITEUP CRITICAL WRITEUP
passy 1.6.3 - Authenticated Remote Code Execution via HTTP Request Payload Injection
An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specific payload injection.
CVSS 9.1