p1ckzi

8 exploits Active since Jul 2009
CVE-2022-22965 NOMISEC CRITICAL WORKING POC
Spring Framework - Remote Code Execution via Data Binding
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
23 stars
CVSS 9.8
CVE-2012-5519 NOMISEC WORKING POC
CUPS 1.4.4 - Arbitrary File Read and Write via Web Interface Key Permissions
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
9 stars
CVE-2017-9841 NOMISEC CRITICAL WORKING POC
PHPUnit < 4.8.28 and 5.x < 5.6.3 - Remote Code Execution via HTTP POST Data
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
3 stars
CVSS 9.8
CVE-2022-35513 NOMISEC HIGH WORKING POC
Blink1Control2 <= 2.2.7 - Weak Password Encryption
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
2 stars
CVSS 7.5
CVE-2009-2265 NOMISEC WORKING POC
FCKeditor <2.6.4.1 - Path Traversal
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
1 star
CVE-2022-22965 NOMISEC CRITICAL WORKING POC
Spring Framework - Remote Code Execution via Data Binding
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVSS 9.8
CVE-2022-50898 EXPLOITDB HIGH python WORKING POC
NanoCMS 0.4 - Remote Code Execution
NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper input sanitization.
CVSS 8.8
CVE-2022-35513 EXPLOITDB HIGH javascript WORKING POC
Blink1Control2 <= 2.2.7 - Weak Password Encryption
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
CVSS 7.5