giulioschiavone

3 exploits Active since Oct 2025
CVE-2025-61197 WRITEUP HIGH WRITEUP
Orban Optimod <1.0.0.33-2.5.26 - Privilege Escalation
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage
CVSS 8.9
CVE-2025-61198 WRITEUP MEDIUM WRITEUP
Optimod <1.0.0.33-2.5.26 - XSS
A stored cross-site scripting (XSS) vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
CVSS 5.4
CVE-2025-67397 WRITEUP CRITICAL WRITEUP
Passy - Command Injection
An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specific payload injection.
CVSS 9.1