gquere

5 exploits Active since Sep 2018
CVE-2020-7931 NOMISEC HIGH WORKING POC
JFrog Artifactory <5.11.8 and 6.8.0-6.8.17 - Remote Code Execution via FreeMarker Template Processing
In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template.
51 stars
CVSS 8.8
CVE-2019-6693 NOMISEC MEDIUM WORKING POC
FortiOS < 5.6.10 - Use of Hard-coded Credentials in Configuration Backup
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
7 stars
CVSS 6.5
CVE-2020-6364 NOMISEC CRITICAL WRITEUP
SAP Solution Manager/Focused Run <10.7 - Code Injection
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection. With this, the attacker is able to read and modify all system files and also impact system availability.
2 stars
CVSS 10.0
CVE-2017-6913 NOMISEC MEDIUM WRITEUP
Open-Xchange AppSuite < 7.6.3 - Cross-Site Scripting via Time Tag Event Attribute
Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag.
2 stars
CVSS 6.1
CVE-2018-16987 NOMISEC HIGH WRITEUP
Squash TM <1.18.0 - Info Disclosure
Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code.
1 stars
CVSS 7.2