lp008

4 exploits Active since Dec 2019
CVE-2020-13942 NOMISEC CRITICAL WORKING POC
Apache Unomi < 1.5.2 - Injection
It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scripts are now completely filtered from the input. It is highly recommended to upgrade to the latest available version of the 1.5.x release to fix this problem.
6 stars
CVSS 9.8
CVE-2019-10758 NOMISEC CRITICAL WORKING POC
Mongo-express < 0.54.0 - Code Injection
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment.
5 stars
CVSS 9.9
CVE-2021-25646 NOMISEC HIGH WORKING POC
Apache Druid <0.20.0 - XSS
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a specially-crafted request that forces Druid to run user-provided JavaScript code for that request, regardless of server configuration. This can be leveraged to execute code on the target machine with the privileges of the Druid server process.
2 stars
CVSS 8.8
CVE-2019-20197 NOMISEC HIGH WORKING POC
Nagios XI - OS Command Injection
In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
1 stars
CVSS 8.8