jvoisin

7 exploits Active since Feb 2017
CVE-2026-22034 WRITEUP CRITICAL SCANNER
Snuffleupagus <0.13.0 - Code Injection
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream validation scripts based on Vulcan Logic Disassembler (VLD) while the VLD extension is not available to the CLI SAPI, all files from multipart POST requests are evaluated as PHP code. The issue was fixed in version 0.13.0.
CVSS 9.8
CVE-2026-22034 WRITEUP CRITICAL SCANNER
Snuffleupagus <0.13.0 - Code Injection
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream validation scripts based on Vulcan Logic Disassembler (VLD) while the VLD extension is not available to the CLI SAPI, all files from multipart POST requests are evaluated as PHP code. The issue was fixed in version 0.13.0.
CVSS 9.8
CVE-2026-22034 WRITEUP CRITICAL WRITEUP
Snuffleupagus <0.13.0 - Code Injection
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream validation scripts based on Vulcan Logic Disassembler (VLD) while the VLD extension is not available to the CLI SAPI, all files from multipart POST requests are evaluated as PHP code. The issue was fixed in version 0.13.0.
CVSS 9.8
CVE-2019-10907 WRITEUP CRITICAL WRITEUP
Airsonic 10.2.1 - Inadequate Encryption Strength in Remember-Me Mechanism
Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users.
CVSS 9.8
CVE-2019-10908 WRITEUP CRITICAL WRITEUP
Airsonic 10.2.1 - Weak Password Generation via java.util.Random
In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks.
CVSS 9.8
CVE-2026-22034 WRITEUP CRITICAL WORKING POC
Snuffleupagus <0.13.0 - Code Injection
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream validation scripts based on Vulcan Logic Disassembler (VLD) while the VLD extension is not available to the CLI SAPI, all files from multipart POST requests are evaluated as PHP code. The issue was fixed in version 0.13.0.
CVSS 9.8
CVE-2017-5982 METASPLOIT HIGH ruby WORKING POC
Kodi Chorus2 2.4.2 - Path Traversal via Encoded Dot-Dot-Slash in Image Path
Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd.
CVSS 7.5