Alex Inführ - Security Researcher - Exploit Intelligence Platform

CVE-2018-16858 METASPLOIT HIGH ruby WORKING POC

LibreOffice Macro Python Code Execution

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

CVSS 7.8

View Code

EIP-2026-116728 EXPLOITDB text WORKING POC

Adobe Reader PDF - Client Side Request Injection

View Code

CVE-2018-16858 EXPLOITDB HIGH ruby WORKING POC

LibreOffice Macro Python Code Execution

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

CVSS 7.8

View Code