itstarsec

2 exploits Active since Feb 2020
CVE-2020-0618 NOMISEC HIGH WORKING POC
Microsoft SQL Server Reporting Services - Remote Code Execution via ViewState Deserialization
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
2 stars
CVSS 8.8
CVE-2025-48703 NOMISEC CRITICAL SUSPICIOUS
Control Web Panel < 0.9.8.1205 filemanager - Unauthenticated Command Execution
CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known.
CVSS 9.0