theWorstComrade

3 exploits Active since Jan 2022
CVE-2022-0372 WRITEUP MEDIUM WRITEUP
Packagist bytefury/crater <6.0.2 - XSS
Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2.
CVSS 5.4
CVE-2022-1032 WRITEUP HIGH WRITEUP
crater < 6.0.6 - Remote Code Execution via Insecure Deserialization
Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6.
CVSS 7.2
CVE-2022-1033 WRITEUP HIGH WRITEUP
crater < 6.0.6 - Unrestricted Upload of File with Dangerous Type
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6.
CVSS 7.8