Lucene search
+L

6 matches found

zdt
zdt
added 2021/08/10 12:0 a.m.148 views

Cockpit CMS 0.11.1 - (Username Enumeration & Password Reset) NoSQL Injection Exploit

Exploit Title: Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection Exploit Author: Brian Ombongi Vendor Homepage: https://getcockpit.com/ Version: Cockpit 0.11.1 Tested on: Ubuntu 16.04.7 CVE : CVE-2020-35847 & CVE-2020-35848 !/usr/bin/python3 import json import re import...

9.8CVSS0.5AI score0.98294EPSS
Exploits13
packetstorm
packetstorm
added 2021/08/10 12:0 a.m.577 views

Cockpit CMS 0.11.1 NoSQL Injection

Exploit Title: Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection Date: 06-08-2021 Exploit Author: Brian Ombongi Vendor Homepage: https://getcockpit.com/ Version: Cockpit 0.11.1 Tested on: Ubuntu 16.04.7 CVE : CVE-2020-35847 & CVE-2020-35848 !/usr/bin/python3 import json...

9.8CVSS9.6AI score0.98294EPSS
Exploits13
exploitdb
exploitdb
added 2021/08/10 12:0 a.m.442 views

Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection

Exploit Title: Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection Date: 06-08-2021 Exploit Author: Brian Ombongi Vendor Homepage: https://getcockpit.com/ Version: Cockpit 0.11.1 Tested on: Ubuntu 16.04.7 CVE : CVE-2020-35847 & CVE-2020-35848 !/usr/bin/python3 import json...

9.8CVSS9.6AI score0.98294EPSS
Exploits9
githubexploit
githubexploit
added 2021/08/06 9:19 a.m.258 views

Exploit for SQL Injection in Agentejo Cockpit

Cockpit CMS NoSQL Injection CVE-2020-35847, CVE-2020-35848...

9.8CVSS9.7AI score0.98294EPSS
Exploits13
osv
osv
added 2020/12/30 1:15 a.m.33 views

CVE-2020-35848

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function...

9.8CVSS7.4AI score
Exploits0References5
cve
cve
added 2020/12/30 12:39 a.m.155 views

CVE-2020-35848

CVE-2020-35848 affects Agentejo Cockpit prior to 0.11.2, where the NoSQL injection vulnerability exists in the Auth controller’s newpassword path. The connected sources consistently describe exploitation via /auth/resetpassword and /auth/newpassword, enabling manipulation of database queries and ...

9.8CVSS9.5AI score0.74989EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder