merbinr

2 exploits, active since Jun 2023
CVE-2023-31606 NOMISEC HIGH WRITEUP
RedCloth 4.0.0-4.3.2 - Regular Expression Denial of Service in sanitize_html
A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload.
2 stars
CVSS 7.5
CVE-2024-44623 NOMISEC CRITICAL WRITEUP
TuomoKu SPx-GC <= 1.3.0 child_process.js - Remote Code Execution
An issue in TuomoKu SPx-GC v1.3.0 and earlier allows a remote attacker to execute arbitrary code via the child_process.js function.
CVSS 9.8