tnpitsecurity

14 exploits Active since Jan 2017
CVE-2016-7998 GITHUB HIGH WRITEUP
SPIP <3.1.2 - Authenticated RCE
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action.
4 stars
CVSS 8.8
CVE-2017-11321 GITHUB HIGH WRITEUP
Ucopia Wireless Appliance < 5.1.7 - OS Command Injection
The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.
4 stars
CVSS 7.2
CVE-2017-11322 GITHUB HIGH WORKING POC
Ucopia Wireless Appliance < 5.1.7 - OS Command Injection
The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote attackers to gain root privileges via a dollar sign ($) metacharacter in the argument to chroothole_client.
4 stars
CVSS 8.2
CVE-2017-7997 GITHUB CRITICAL WRITEUP
Gespage < 7.4.9 - SQL Injection
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
4 stars
CVSS 9.8
CVE-2017-7998 GITHUB MEDIUM WORKING POC
Gespage < 7.4.9 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp.
4 stars
CVSS 6.1
CVE-2018-13140 GITHUB HIGH WORKING POC
Druide Antidote 9 < 5.1 - Cleartext Transmission
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages.
4 stars
CVSS 8.1
CVE-2020-10936 GITHUB HIGH WORKING POC
Sympa <6.2.56 - Privilege Escalation
Sympa before 6.2.56 allows privilege escalation.
4 stars
CVSS 7.8
CVE-2020-12050 GITHUB HIGH WORKING POC
Opensuse Backports Sle - Race Condition
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.
4 stars
CVSS 7.0
CVE-2020-17363 GITHUB CRITICAL WRITEUP
USVN <1.0.9 - RCE
USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069.
4 stars
CVSS 9.9
CVE-2020-17364 GITHUB MEDIUM WRITEUP
USVN <1.0.9 - XSS
USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.
4 stars
CVSS 6.1
CVE-2020-5847 GITHUB CRITICAL WRITEUP
Unraid <6.8.0 - RCE
Unraid through 6.8.0 allows Remote Code Execution.
4 stars
CVSS 9.8
CVE-2020-9036 GITHUB MEDIUM WRITEUP
Jeedom < 4.0.38 - XSS
Jeedom through 4.0.38 allows XSS.
4 stars
CVSS 6.1
CVE-2020-9359 GITHUB MEDIUM WRITEUP
KDE Okular <1.10.0 - Code Injection
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
4 stars
CVSS 5.3
CVE-2021-40323 GITHUB CRITICAL WORKING POC
Cobbler <3.3.0 - RCE
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
4 stars
CVSS 9.8