Aryan Chehreghani

18 exploits Active since Aug 2020
CVE-2021-47951 EXPLOITDB MEDIUM text WRITEUP
WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in the database and executed when the functionality is triggered, enabling session hijacking or credential theft.
CVSS 6.4
CVE-2023-53974 EXPLOITDB HIGH text WORKING POC
D-Link DSL-124 ME_1.00 - Info Disclosure
D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing sensitive network credentials and system configurations.
CVSS 7.5
CVE-2022-50933 EXPLOITDB HIGH text WRITEUP
Cain & Abel 4.9.56 - Code Injection
Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions.
CVSS 7.8
CVE-2022-50931 EXPLOITDB HIGH text WORKING POC
TeamSpeak 3.5.6 - Local Privilege Escalation
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access.
CVSS 7.8
CVE-2025-3146 EXPLOITDB HIGH text WORKING POC
PHPGurukul Bus Pass Management System 1.0 - SQL Injection via viewid Parameter
A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2021-47793 EXPLOITDB HIGH python WORKING POC
Telegram Desktop 2.9.2 - Denial of Service via Oversized Message Payload
Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized message payload. Attackers can generate a 9 million byte buffer and paste it into the messaging interface to trigger an application crash.
CVSS 7.5
CVE-2021-42230 EXPLOITDB CRITICAL text WORKING POC
Seowon 130-SLC Firmware < 2021-09-15 - Remote Code Execution via queriesCnt Parameter
Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.
CVSS 9.8
CVE-2021-47784 EXPLOITDB HIGH python WORKING POC
Cyberfox Web Browser 52.9.1 - Denial of Service via Search Bar Overflow
Cyberfox Web Browser 52.9.1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the search bar with excessive data. Attackers can generate a 9,000,000 byte payload and paste it into the search bar to trigger an application crash.
CVSS 7.5
CVE-2021-47781 EXPLOITDB CRITICAL text WORKING POC
Cmder Console Emulator 1.3.18 - DoS
Cmder Console Emulator 1.3.18 contains a buffer overflow vulnerability that allows attackers to trigger a denial of service condition through a maliciously crafted .cmd file. Attackers can create a specially constructed .cmd file with repeated characters to overwhelm the console emulator's buffer and crash the application.
CVSS 9.8
CVE-2021-47762 EXPLOITDB HIGH text WRITEUP
HTTPDebuggerPro 9.11 - Code Injection
HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated access to the system.
CVSS 7.8
EIP-2026-114210 EXPLOITDB text WRITEUP
WordPress Plugin WP Customize Login 1.1 - 'Change Logo Title' Stored Cross-Site Scripting (XSS)
CVE-2022-21661 EXPLOITDB HIGH text WORKING POC
WordPress 3.7-3.7.36 - SQL Injection via WP_Query
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
CVSS 8.0
EIP-2026-112467 EXPLOITDB text WORKING POC
Subrion CMS 4.2.1 - Cross Site Request Forgery (CSRF) (Add Amin)
EIP-2026-111593 EXPLOITDB python WORKING POC
Purchase Order Management System 1.0 - Remote File Upload
EIP-2026-109553 EXPLOITDB text WORKING POC
Money Transfer Management System 1.0 - Authentication Bypass
EIP-2026-109415 EXPLOITDB text WRITEUP
Men Salon Management System 1.0 - Multiple Vulnerabilities
CVE-2022-1040 EXPLOITDB CRITICAL text WORKING POC
Sophos Firewall < 18.5.3 - Unauthenticated Remote Code Execution
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
CVSS 9.8
CVE-2020-17456 EXPLOITDB CRITICAL python WORKING POC
SEOWON INTECH SLC-130,SLR-120S - RCE
SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.
CVSS 9.8