yuriisanin

5 exploits Active since Feb 2022
CVE-2022-45025 NOMISEC CRITICAL WORKING POC
Markdown Preview Enhanced - OS Command Injection
Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function.
90 stars
CVSS 9.8
CVE-2022-24342 NOMISEC HIGH WORKING POC
JetBrains TeamCity <2021.2.1 - CSRF
In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible.
36 stars
CVSS 8.8
CVE-2022-25262 NOMISEC CRITICAL WORKING POC
Jetbrains Hub < 2022.1.14434 - Data Authenticity Bypass
In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
16 stars
CVSS 9.8
CVE-2022-45771 NOMISEC HIGH WORKING POC
Pwndoc - Unrestricted File Upload
An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file.
6 stars
CVSS 8.8
CVE-2022-25260 NOMISEC CRITICAL WORKING POC
Jetbrains Hub < 2021.1.14276 - SSRF
JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).
4 stars
CVSS 9.1