so1icitx

2 exploits Active since Mar 2019

CVE-2024-25600 NOMISEC CRITICAL WORKING POC

Unauthenticated Remote Code Execution - Bricks <= 1.9.6

Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.

13 stars

CVSS 10.0

View Code

CVE-2019-9053 NOMISEC HIGH WORKING POC

CMS Made Simple 2.2.8 - Unauthenticated Blind SQL Injection via News Module m1_idlist Parameter

An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.

CVSS 8.1

View Code