PARAG BAGUL Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)
webapps ruby CVE-2023-30145

Yasin Gergin Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title
webapps ruby

UNICORD pdfkit v0.8.7.2 - Command Injection
local ruby CVE-2022–25765

Antonio Francesco Sardella GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)
webapps ruby CVE-2022-2884

Greenwolf GitLab 14.9 - Stored Cross-Site Scripting (XSS)
webapps ruby CVE-2022-1175

Greenwolf Gitlab 14.9 - Authentication Bypass
webapps ruby CVE-2022-1162

Jacob Baines GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)
webapps ruby CVE-2021-22205

enox Gitlab 13.10.2 - Remote Code Execution (Authenticated)
webapps ruby

enox Gitlab 13.9.3 - Remote Code Execution (Authenticated)
webapps ruby

4D0niiS GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration
webapps ruby

4D0niiS GitLab Community Edition (CE) 13.10.3 - User Enumeration
webapps ruby

LiquidWorm STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
webapps ruby

LiquidWorm STVS ProVision 5.9.10 - File Disclosure (Authenticated)
webapps ruby

Norbert Hofmann GitLab 11.4.7 - RCE (Authenticated) (2)
webapps ruby CVE-2018-19585;CVE-2018-19571

Fortunato Lodari GitLab 11.4.7 - Remote Code Execution (Authenticated) (1)
webapps ruby CVE-2018-19585;CVE-2018-19571

Jasper Rasenberg Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
webapps ruby