momo1239

4 exploits Active since May 2024
CVE-2024-9463 NOMISEC HIGH WORKING POC
Paloaltonetworks Expedition < 1.2.96 - OS Command Injection
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
1 stars
CVSS 7.5
CVE-2024-35333 NOMISEC HIGH WRITEUP
html2xhtml 1.3 - Buffer Overflow
A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the vulnerable function, causing a buffer overflow and potentially leading to arbitrary code execution, denial of service, or data corruption.
CVSS 8.4
CVE-2023-24203 NOMISEC MEDIUM WRITEUP
SourceCodester CRM 1.0 - XSS
Cross-site scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows an attacker to execute arbitrary code via the company or query parameter(s).
CVSS 5.4
CVE-2023-24204 WRITEUP MEDIUM WRITEUP
SourceCodester CRM <1.0 - RCE
SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows an attacker to execute arbitrary code via the name parameter in get-quote.php.
CVSS 5.4