s-index

7 exploits Active since Oct 2020
CVE-2020-28502 NOMISEC HIGH WORKING POC
xmlhttprequest < 1.7.0 and xmlhttprequest-ssl < 1.6.2 - Remote Code Execution via Synchronous Request
This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could result in arbitrary code being injected and run.
3 stars
CVSS 8.1
CVE-2021-43811 NOMISEC HIGH WORKING POC
Sockeye < 2.3.24 - Remote Code Execution via Unsafe YAML Loading
Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch. Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An attacker can add malicious code to the config file of a trained model and attempt to convince users to download and run it. If users run the model, the embedded code will run locally. The issue is fixed in version 2.3.24.
2 stars
CVSS 7.8
CVE-2021-20717 NOMISEC MEDIUM WRITEUP
EC-CUBE 4.0.0-4.0.5 - Stored Cross-Site Scripting in Administrator Input Field
Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser.
1 stars
CVSS 6.1
CVE-2021-21349 NOMISEC MEDIUM WORKING POC
Netapp Oncommand Insight < 5.15.14 - SSRF
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
1 stars
CVSS 6.1
CVE-2020-13957 NOMISEC CRITICAL WORKING POC
Apache Solr 6.6.0-6.6.6 7.0.0-7.7.3 8.0.0-8.6.2 - Unauthenticated ConfigSet Upload Bypass
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions.
1 stars
CVSS 9.8
CVE-2021-41078 NOMISEC HIGH WORKING POC
nameko < 2.13.0 - Remote Code Execution via Config File Deserialization
Nameko through 2.13.0 can be tricked into performing arbitrary code execution when deserializing the config file.
CVSS 7.8
CVE-2021-21341 NOMISEC HIGH WORKING POC
NetApp OnCommand Insight - Denial of Service via XStream Deserialization
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
CVSS 7.5