mkelepce - Security Researcher - Exploit Intelligence Platform

CVE-2020-12629 NOMISEC MEDIUM WORKING POC

osTicket <1.14.2 - XSS

include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.

CVSS 5.4

View Code

CVE-2020-13094 NOMISEC MEDIUM WORKING POC

Dolibarr <11.0.4 - XSS

Dolibarr before 11.0.4 allows XSS.

CVSS 5.4

View Code

CVE-2020-13424 NOMISEC MEDIUM WORKING POC

Joomla! <3.5.4 - Info Disclosure

The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure.

CVSS 6.5

View Code

CVE-2020-13996 NOMISEC HIGH WORKING POC

J2store < 3.3.13 - SQL Injection

The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.

CVSS 8.8

View Code