omarhashem123/Security-Research

omarhashem123/Security-Research

eg.linkedin.com

Releases0

Stars44

This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Research

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-42710 ↗	Jan 3, 2023Tuesday, 3 January 2023, 23:15	5.4 MEDIUM	—
Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting (XSS).
CVE-2022-38627 ↗	Jan 3, 2023Tuesday, 3 January 2023, 21:15	9.8 CRITICAL	—
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.
CVE-2022-46381 ↗	Dec 13, 2022Tuesday, 13 December 2022, 22:15	6.1 MEDIUM	—
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
CVE-2022-38628 ↗	Dec 13, 2022Tuesday, 13 December 2022, 21:15	6.1 MEDIUM	—
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified vectors.