Harsh Bothra harsh-bothra
harsh-bothra / CVE-2020-24849
Last active Nov 3, 2020
CVE-2020-24849 - FruityWifi Remote Code Execution
Product: FruityWifi
CVE: CVE-2020-24849
Version: (, 2.4) - Tested on version 2.4
Vulnerability: Remote Code Execution
Vulnerability Description: A remote code execution vulnerability is identified in FruityWifi through 2.4. Because shell metacharacters obtained from the POST request at the page_config_adv.php page are improperly escaped, an authenticated attacker can perform remote code execution. This is similar to CVE-2018-17317.
harsh-bothra / CVE-2020-23868
Last active Oct 29, 2020
Cross-Site Scripting in NeDi 1.9C
Product: NeDi - Find IT
CVE: CVE-2020-23868
Version: 1.9C
Vulnerability: Reflected Cross-Site Scripting
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via "d" parameter at "inc/rt-popup.ph" page.
harsh-bothra / CVE-2020-23989
Last active Feb 4, 2021
Cross-Site Scripting in NeDi 1.9C
Product: NeDi - Find IT
CVE: CVE-2020-23989
Version: 1.9C
Vulnerability: Reflected Cross-Site Scripting
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via "oid" parameter at "pwsec.php" page.