tnpitsecurity

14 exploits Active since Jan 2017
CVE-2016-7998 GITHUB HIGH WRITEUP
SPIP < 3.1.2 - Authenticated Remote Code Execution via Crafted INCLUDE/INCLURE Tag
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action.
4 stars
CVSS 8.8
CVE-2017-11321 GITHUB HIGH WRITEUP
UCOPIA Wireless Appliance < 5.1.8 - Authenticated Privilege Escalation via Less Command Shell Metacharacter Injection
The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.
4 stars
CVSS 7.2
CVE-2017-11322 GITHUB HIGH WORKING POC
UCOPIA Wireless Appliance < 5.1.7 - OS Command Injection via chroothole_client Argument
The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote attackers to gain root privileges via a dollar sign ($) metacharacter in the argument to chroothole_client.
4 stars
CVSS 8.2
CVE-2017-7997 GITHUB CRITICAL WRITEUP
gespage < 7.4.9 - SQL Injection via show_prn or show_month Parameter
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
4 stars
CVSS 9.8
CVE-2017-7998 GITHUB MEDIUM WORKING POC
gespage < 7.4.9 - Stored Cross-Site Scripting via Printer Name or Username Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp.
4 stars
CVSS 6.1
CVE-2018-13140 GITHUB HIGH WORKING POC
Druide Antidote < 5.1 - Remote Code Execution via Update Mechanism
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages.
4 stars
CVSS 8.1
CVE-2020-10936 GITHUB HIGH WORKING POC
Sympa <6.2.56 - Privilege Escalation
Sympa before 6.2.56 allows privilege escalation.
4 stars
CVSS 7.8
CVE-2020-12050 GITHUB HIGH WORKING POC
Opensuse Backports Sle - Race Condition
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.
4 stars
CVSS 7.0
CVE-2020-17363 GITHUB CRITICAL WRITEUP
USVN < 1.0.9 - Remote Code Execution via Timeline Module Parameters
USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069.
4 stars
CVSS 9.9
CVE-2020-17364 GITHUB MEDIUM WRITEUP
USVN < 1.0.9 - Cross-Site Scripting via SVN Logs
USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.
4 stars
CVSS 6.1
CVE-2020-5847 GITHUB CRITICAL WRITEUP
Unraid < 6.8.0 - Unauthenticated Remote Code Execution
Unraid through 6.8.0 allows Remote Code Execution.
4 stars
CVSS 9.8
CVE-2020-9036 GITHUB MEDIUM WRITEUP
Jeedom < 4.0.38 - Cross-Site Scripting
Jeedom through 4.0.38 allows XSS.
4 stars
CVSS 6.1
CVE-2020-9359 GITHUB MEDIUM WRITEUP
KDE Okular <1.10.0 - Code Injection
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
4 stars
CVSS 5.3
CVE-2021-40323 GITHUB CRITICAL WORKING POC
Cobbler < 3.3.0 - Remote Code Execution via XMLRPC Log Poisoning
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
4 stars
CVSS 9.8