Anthony Cole

6 exploits Active since Oct 2017
CVE-2018-20221 EXPLOITDB HIGH text WORKING POC
Deltek Ajera Timesheets <9.10.16 - Code Injection
Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user. The executed code will run as the IIS Application Pool that is running the application.
CVSS 8.8
CVE-2023-24217 EXPLOITDB HIGH python WORKING POC
AgileBio Electronic Lab Notebook <4.234 - Local File Inclusion
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability.
CVSS 8.8
CVE-2019-16112 EXPLOITDB HIGH python WORKING POC
TylerTech Eagle 2018.3.11 - Remote Code Execution via Untrusted Java Deserialization
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI.
CVSS 8.8
CVE-2023-27823 EXPLOITDB CRITICAL text WORKING POC
Optoma 1080PSTX C02 - Unauthenticated Authentication Bypass
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials.
CVSS 9.8
CVE-2017-15639 EXPLOITDB MEDIUM text WORKING POC
Mura CMS < 6.1 - XML External Entity Injection via RSS Feed Parser
tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access restrictions by leveraging the "draggable feeds" feature.
CVSS 6.5
EIP-2026-100656 EXPLOITDB text WORKING POC
Microix Timesheet Module - SQL Injection