Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fellipe oliveira vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2021_31630
cve-2021-31630 OpenPLC WebServer v3 - Authenticated RCE This PoC script is based on the exploit provided by Fellipe Oliveira. Features : Directly uploads C code to /hardware instead of st file upload Restores default program before uploading reverse shell Improved C based revers...
1 Github repository
8.8
CVSSv3
CVE-2021-26828
OpenPLC ScadaBR up to and including 0.9.1 on Linux and up to and including 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
Openplcproject Scadabr
2 Github repositories
7.2
CVSSv3
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote malicious users to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Intelliants Subrion Cms 4.2.1
2 Github repositories
9.8
CVSSv3
CVE-2019-12725
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
Zeroshell Zeroshell 3.9.0
3 Github repositories
10
CVSSv3
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 up to and including 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.
Gvectors Wpdiscuz
7 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started