reewardius

6 exploits | Active since Jul 2022
CVE-2025-67886 | Source: NOMISEC | Severity: MEDIUM | Status: WORKING POC
Bitrix24 through 25.100.300 - Remote Code Execution
Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged users who can upload new translated pages to the website.
CVSS 6.3
CVE-2025-67887 | Source: NOMISEC | Severity: CRITICAL | Status: WORKING POC
1C-Bitrix through 25.100.500 - Remote Code Execution
1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged users who can upload new translated pages to the website.
CVSS 9.8
CVE-2025-67888 | Source: GITHUB | Severity: HIGH | Status: WORKING POC
Control Web Panel /admin/index.php Unauthenticated RCE
An issue was discovered in Control Web Panel (CWP) before 0.9.8.1209. User input passed via the "key" GET parameter to /admin/index.php (when the "api" parameter is set) is not properly sanitized before being used to execute OS commands. This can be exploited by unauthenticated attackers to inject and execute arbitrary OS commands with the privileges of root on the web server. Softaculous or SitePad must be present.
CVSS 7.3
CVE-2022-31889 | Source: NOMISEC | Severity: MEDIUM | Status: WORKING POC
osTicket audit_log < 2022-04-21 - Stored Cross-Site Scripting in auditlogs.tmpl.php
A Cross-Site Scripting (XSS) vulnerability exists in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
CVSS 6.1
CVE-2022-31890 | Source: NOMISEC | Severity: CRITICAL | Status: WORKING POC
osTicket-plugins audit_log < 2022-04-21 - SQL Injection via order Parameter in getOrder Function
An SQL Injection vulnerability exists in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae, reachable via the order parameter passed to the getOrder function.
CVSS 9.8
CVE-2022-32074 | Source: NOMISEC | Severity: MEDIUM | Status: SUSPICIOUS
osTicket-plugins - Storage-FS < 2022-05-19 - Stored Cross-Site Scripting via SVG File Upload
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVSS 5.4