Ahmad Mahfouz

15 exploits Active since Dec 2017
CVE-2018-2879 NOMISEC CRITICAL WORKING POC
Oracle Fusion Middleware 11.1.2.3.0-12.2.1.3.0 - Unauthenticated RCE
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to Doc ID <a href="http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2386496.1">My Oracle Support Note 2386496.1 for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
25 stars
CVSS 9.0
CVE-2025-34105 EXPLOITDB CRITICAL python WORKING POC
DiskBoss Enterprise <8.2.14 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.
CVE-2025-34105 METASPLOIT CRITICAL ruby WORKING POC
DiskBoss Enterprise <8.2.14 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.
CVE-2018-5359 EXPLOITDB HIGH python WORKING POC
Flexense SysGauge <3.6.18 - Buffer Overflow
The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.
CVSS 8.1
CVE-2017-15663 EXPLOITDB HIGH python WORKING POC
Flexense Disk Pulse Enterprise 10.1.18 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120.
CVSS 7.5
CVE-2017-15664 EXPLOITDB HIGH python WORKING POC
Flexense Syncbreeze - Denial of Service
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121.
CVSS 7.5
CVE-2017-15667 EXPLOITDB HIGH python WORKING POC
Flexense SysGauge Server 3.6.18 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221.
CVSS 7.5
CVE-2017-15662 EXPLOITDB HIGH python WORKING POC
Flexense VX Search Enterprise 10.1.12 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123.
CVSS 7.5
CVE-2017-15663 EXPLOITDB HIGH python WORKING POC
Flexense Disk Pulse Enterprise 10.1.18 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120.
CVSS 7.5
CVE-2017-15665 EXPLOITDB HIGH python WORKING POC
Flexense DiskBoss Enterprise 8.5.12 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.
CVSS 7.5
CVE-2017-17999 EXPLOITDB CRITICAL text WORKING POC
RISE Ultimate Project Manager 1.9 - SQL Injection via Search Parameter
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
CVSS 9.8
CVE-2017-17976 EXPLOITDB CRITICAL text WORKING POC
Perfex CRM 1.9.7 - Unrestricted File Upload and Remote Code Execution
In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.
CVSS 9.8
CVE-2018-5211 EXPLOITDB CRITICAL text WORKING POC
PHP Melody 2.7.1 - SQL Injection via Playlist Parameter
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
CVSS 9.8
CVE-2017-17970 EXPLOITDB CRITICAL text WORKING POC
Muviko 1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php.
CVSS 9.8
EIP-2026-104418 EXPLOITDB python WORKING POC
SAP BusinessObjects launch pad - Server-Side Request Forgery