hansmach1ne/MyExploits

hansmach1ne/MyExploits

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Repo for disclosed zero day vulnerabilities/exploits

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-34121 ↗	Jul 27, 2022Wednesday, 27 July 2022, 18:15	7.5 HIGH	—
Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.
CVE-2022-25486 ↗	Mar 15, 2022Tuesday, 15 March 2022, 18:15	7.8 HIGH	6.8 MEDIUM
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
CVE-2021-43779 ↗	Jan 5, 2022Wednesday, 5 January 2022, 19:15	9.9 CRITICAL	9 HIGH
GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin.
CVE-2021-43778 ↗	Nov 24, 2021Wednesday, 24 November 2021, 19:15	9.1 CRITICAL	5 MEDIUM
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.