Harsh Bothra harsh-bothra

harsh-bothra / CVE-2020-23989
Last active February 4, 2021 01:19
Cross-Site Scripting in NeDi 1.9C
Product: NeDi - Find IT
CVE: CVE-2020-23989
Version: 1.9C
Vulnerability: Reflected Cross-Site Scripting
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via the "oid" parameter on the "pwsec.php" page.
harsh-bothra / CVE-2020-23868
Last active October 29, 2020 12:22
Cross-Site Scripting in NeDi 1.9C
Product: NeDi - Find IT
CVE: CVE-2020-23868
Version: 1.9C
Vulnerability: Reflected Cross-Site Scripting
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via the "d" parameter on the "inc/rt-popup.ph" page.
harsh-bothra / CVE-2020-24849
Last active November 3, 2020 09:20
CVE-2020-24849 - FruityWifi Remote Code Execution
Product: FruityWifi
CVE: CVE-2020-24849
Version: (, 2.4) - Tested on version 2.4
Vulnerability: Remote Code Execution
Vulnerability Description: A remote code execution vulnerability was identified in FruityWifi through 2.4. Because shell metacharacters taken from the POST request to the page_config_adv.php page are improperly escaped, an authenticated attacker can achieve remote code execution. This is similar to CVE-2018-17317.