killukeren

2 exploits Active since Mar 2019
CVE-2019-9053 NOMISEC HIGH WORKING POC
CMS Made Simple 2.2.8 - Unauthenticated Blind SQL Injection via News Module m1_idlist Parameter
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
CVSS 8.1
CVE-2024-1651 NOMISEC CRITICAL WORKING POC
Torrentpier 2.4.1 - Remote Code Execution via Insecure Deserialization
Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.
CVSS 10.0