Hi! I’m a network engineer at an educational institution in the Netherlands. Over the past few years i became interested in security. In 2020 i got my Offensive Security Certified Professional (OSCP) and this site will be used for any fun findings.
CVE’s:
- CVE-2021-44662 – Xerte XSS (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44662)
- CVE-2021-44663 – Xerte RCE (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44663)
- CVE-2021-44664 – Xerte RCE (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44664)
- CVE-2021-44665 – Xerte Directory Traversal (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44665)
Exploit-DB:
- Prowise Reflect v1.0.9 – Remote Keystroke Injection (https://www.exploit-db.com/exploits/50796)
- Xerte 3.9 – Remote Code Execution (RCE) (Authenticated) (https://www.exploit-db.com/exploits/50795)
- Xerte 3.10.3 – Directory Traversal (Authenticated) (https://www.exploit-db.com/exploits/50794)
Honorable mentions: