p0dalirius

11 exploits, active since Sep 2018
CVE-2022-36446 NOMISEC CRITICAL WORKING POC
Webmin <1.997 - XSS
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
116 stars
CVSS 9.8
CVE-2021-43008 NOMISEC HIGH WORKING POC
Adminer <4.6.2 - Info Disclosure
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
88 stars
CVSS 7.5
CVE-2022-21907 NOMISEC CRITICAL WORKING POC
HTTP Protocol Stack - RCE
HTTP Protocol Stack Remote Code Execution Vulnerability
83 stars
CVSS 9.8
CVE-2022-45771 NOMISEC HIGH WORKING POC
Pwndoc - Unrestricted File Upload
An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file.
47 stars
CVSS 8.8
CVE-2020-14144 NOMISEC HIGH WORKING POC
Gitea < 1.12.5 - OS Command Injection
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides."
30 stars
CVSS 7.2
CVE-2018-16763 NOMISEC CRITICAL WORKING POC
FUEL CMS 1.4.1 - RCE
FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.
23 stars
CVSS 9.8
CVE-2016-10956 NOMISEC HIGH WORKING POC
Mail-masta - Improper Input Validation
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
20 stars
CVSS 7.5
CVE-2022-30780 NOMISEC HIGH WORKING POC
Lighttpd 1.4.56-1.4.58 - DoS
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
17 stars
CVSS 7.5
CVE-2022-26159 NOMISEC MEDIUM WORKING POC
Ametys CMS <4.5.0 - Info Disclosure
The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/<domain>/en.xml (and similar pathnames for other languages), which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords.
14 stars
CVSS 5.3
CVE-2021-31800 NOMISEC CRITICAL WORKING POC
Secureauth Impacket < 0.9.22 - Path Traversal
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.
10 stars
CVSS 9.8
CVE-2020-8813 NOMISEC HIGH WORKING POC
Cacti 1.2.8 - Command Injection
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
7 stars
CVSS 8.8