haxpunk1337

3 exploits Active since May 2022
CVE-2022-29596 WRITEUP CRITICAL WRITEUP
MicroStrategy Enterprise Manager 2022 - Authentication Bypass via Path Traversal in Login Substring
MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal.
CVSS 9.8
CVE-2022-29975 WRITEUP MEDIUM WORKING POC
MDaemon < 22.0.0 - Authenticated Reflected Cross-Site Scripting via CC Parameter
An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 .
CVSS 5.4
CVE-2022-29976 WRITEUP MEDIUM WORKING POC
MDaemon < 22.0.0 - Authenticated Reflected Cross-Site Scripting via BCC Parameter
An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 .
CVSS 5.4