Andrés Gómez

7 exploits Active since Apr 2010
CVE-2010-5057 EXPLOITDB text WORKING POC
CMS Ariadna 1.1 - SQL Injection via detResolucion.php tipodoc_id Parameter
SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the tipodoc_id parameter.
CVE-2011-4620 EXPLOITDB c WORKING POC
PLIB 1.8.5 - Buffer Overflow in ulSetError Function
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.
CVE-2012-4552 EXPLOITDB c WORKING POC
PLIB 1.8.5 - Stack-Based Buffer Overflow in ssgParser Error Function
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.
EIP-2026-110262 EXPLOITDB text WORKING POC
OpenCart 1.3.2 - 'page' SQL Injection
EIP-2026-109022 EXPLOITDB text WRITEUP
KLINK - SQL Injection
CVE-2010-1336 EXPLOITDB text WRITEUP
INVOhost 3.4 - SQL Injection via site.php id/newlanguage Parameters
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5058 EXPLOITDB text WORKING POC
CMS Ariadna 1.1 - SQL Injection via detResolucion.php res_id Parameter
SQL injection vulnerability in detResolucion.php in CMS Ariadna 1.1 allows remote attackers to execute arbitrary SQL commands via the res_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.