Aloyce J. Makalanga - Security Researcher - Exploit Intelligence Platform

CVE-2017-17968 EXPLOITDB CRITICAL python WORKING POC

NetTransport Download Manager < 2.96l - Remote Code Execution via Long HTTP Response

A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.

CVSS 9.8

View Code

CVE-2017-17849 EXPLOITDB CRITICAL python WORKING POC

GetGo Download Manager < 5.3.0.2712 - Remote Code Execution via Long HTTP Response

A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.

CVSS 9.8

View Code

CVE-2017-17932 EXPLOITDB CRITICAL python WORKING POC

ALLPlayer ALLMediaServer <= 0.95 - Remote Code Execution via TCP Port 888 Buffer Overflow

A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.

CVSS 9.8

View Code

CVE-2017-17752 EXPLOITDB MEDIUM python WORKING POC

Ability Mail Server 3.3.2 - Stored Cross-Site Scripting via Email Body

Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.

CVSS 6.1

View Code