theWorstComrade

3 exploits Active since Jan 2022
CVE-2022-0372 WRITEUP MEDIUM WRITEUP
Packagist bytefury/crater <6.0.2 - XSS
Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2.
CVSS 5.4
CVE-2022-1032 WRITEUP HIGH WRITEUP
Crater < 6.0.6 - Insecure Deserialization
Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6.
CVSS 7.2
CVE-2022-1033 WRITEUP HIGH WRITEUP
Crater < 6.0.6 - Unrestricted File Upload
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6.
CVSS 7.8