28 POSTS · CVE
DATE CAT TITLE TARGET CVSS
2021 · 6
07-08 CVE CVE-2021-38169 - Roxy-WI through 5.2.2.0 allows authenticated cmd Injection Roxy-WI 8.8 07-08 CVE CVE-2021-38168 - Roxy-WI through 5.2.2.0 allows authenticated SQL injection Roxy-WI 8.8 07-08 CVE CVE-2021-38167 - Roxy-WI through 5.2.2.0 allows unauthenticated SQL Injection Roxy-WI 9.8 22-07 CVE CVE-2021-36396 - Moodle Blind SSRF possible against cURL blocked hosts Moodle 7.5 17-05 CVE CVE-2021-32474 - Moodle Blind SQL injection via MNet authentication Moodle 7.2 16-03 CVE CVE-2021-20280 - Moodle Stored XSS and blind SSRF via feedback answer text Moodle 5.4 2020 · 2
31-12 CVE CVE-2020-36474 - safecurl <= 3.3, vanilla forum <= 0.9.2 dns rebind to ssrf safecurl 9.8 29-09 CVE CVE-2020-26134 - Live Helper Chat before 3.44v - stored xss Live 6.1
CONTACT
rekter0
PROFESSIONAL SLOPPER
Application security research. vulnerability disclosure, and the occasional pre-auth RCE chain.
28 CVE 7 EXPLOIT 14 POST