Alejandro Rodriguez

5 exploits Active since Apr 2010
CVE-2013-4975 EXPLOITDB HIGH WORKING POC
Hikvision DS-2CD7153-E - Privilege Escalation
Hikvision DS-2CD7153-E IP Camera has Privilege Escalation
CVSS 8.8
CVE-2013-4976 EXPLOITDB CRITICAL WORKING POC
Hikvision DS-2CD7153-E - Auth Bypass
Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials
CVSS 9.8
CVE-2010-1186 EXPLOITDB text WRITEUP
NextGEN Gallery <1.5.2 - XSS
Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
CVE-2010-3271 EXPLOITDB text WRITEUP
IBM WebSphere Application Server <7.0.0.13 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do.
CVE-2013-4977 EXPLOITDB text WORKING POC
Hikvision DS-2CD7153-E <4.1.0 b130111 - Buffer Overflow
Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction.