Aloyce J. Makalanga - Security Researcher - Exploit Intelligence Platform

CVE-2017-17968 EXPLOITDB CRITICAL python WORKING POC

Xi-soft Nettransport Download Manager < 2.96l - Memory Corruption

A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.

CVSS 9.8

View Code

CVE-2017-17849 EXPLOITDB CRITICAL python WORKING POC

Getgosoft Getgo Download Manager < 5.3.0.2712 - Memory Corruption

A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.

CVSS 9.8

View Code

CVE-2017-17932 EXPLOITDB CRITICAL python WORKING POC

Allmediaserver < 0.95 - Memory Corruption

A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.

CVSS 9.8

View Code

CVE-2017-17752 EXPLOITDB MEDIUM python WORKING POC

Codecrafters Ability Mail Server - XSS

Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.

CVSS 6.1

View Code