numanturle

9 exploits Active since Oct 2021
CVE-2022-44877 NOMISEC CRITICAL WORKING POC
CWP login.php Unauthenticated RCE
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.
104 stars
CVSS 9.8
CVE-2022-1388 NOMISEC CRITICAL WORKING POC
F5 BIG-IP iControl RCE via REST Authentication Bypass
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
54 stars
CVSS 9.8
CVE-2022-0332 NOMISEC CRITICAL WORKING POC
Moodle 3.11.0-3.11.4 - SQL Injection via H5P Activity Web Service
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
46 stars
CVSS 9.8
CVE-2022-41040 NOMISEC HIGH SCANNER
Microsoft Exchange ProxyNotShell RCE
Microsoft Exchange Server Elevation of Privilege Vulnerability
19 stars
CVSS 8.8
CVE-2021-23758 NOMISEC HIGH WORKING POC
ajaxpro.2 < 21.10.30.1 and AjaxNetProfessional < 21.11.29.1 - Remote Code Execution via Untrusted Data Deserialization
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
17 stars
CVSS 8.1
CVE-2021-41773 NOMISEC CRITICAL WORKING POC
Apache 2.4.49/2.4.50 Traversal RCE
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
8 stars
CVSS 9.8
CVE-2025-25279 NOMISEC CRITICAL WRITEUP
Mattermost <10.4.1-10.3.2-10.2.2 - Info Disclosure
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.
4 stars
CVSS 9.9
CVE-2021-42008 NOMISEC HIGH WORKING POC
Linux Kernel 2.6.12-4.4.282 - Authenticated Out-of-bounds Write in 6pack Decode Function
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
2 stars
CVSS 7.8
CVE-2021-43789 INTHEWILD HIGH WORKING POC
PrestaShop <1.7.8.2 - SQL Injection
PrestaShop is an Open Source e-commerce web application. Versions of PrestaShop prior to 1.7.8.2 are vulnerable to blind SQL injection using search filters with `orderBy` and `sortOrder` parameters. The problem is fixed in version 1.7.8.2.
CVSS 7.5