sug4r-wr41th

7 exploits Active since May 2015
CVE-2024-4577 NOMISEC CRITICAL WORKING POC
PHP CGI Argument Injection Remote Code Execution
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
1 stars
CVSS 9.8
CVE-2025-47577 NOMISEC CRITICAL WORKING POC
TemplateInvaders TI WooCommerce Wishlist <2.10.0 - Code Injection
Unrestricted Upload of File with Dangerous Type vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a through <= 2.9.2.
CVSS 10.0
CVE-2025-31324 NOMISEC CRITICAL WORKING POC
SAP NetWeaver Visual Composer Metadata Uploader - Deserialization
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
CVSS 10.0
CVE-2024-43917 NOMISEC CRITICAL WORKING POC
WordPress TI WooCommerce Wishlist SQL Injection (CVE-2024-43917)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2.
CVSS 9.3
CVE-2023-28121 NOMISEC CRITICAL WORKING POC
WooCommerce Payments < 4.8.2 and WooPayments < 5.6.2 - Unauthenticated Privilege Escalation via Request Forgery
An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.
CVSS 9.8
CVE-2011-2523 NOMISEC CRITICAL WORKING POC
vsftpd 2.3.4 - Backdoor Command Execution
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
CVSS 9.8
CVE-2015-4133 NOMISEC WORKING POC
reflex_gallery < 3.1.3 - Unauthenticated Arbitrary PHP File Upload via FileUploader
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory.