Benjamin Kunz Mejri

139 exploits Active since Jan 2012
CVE-2012-1225 EXPLOITDB text WRITEUP
Dolibarr < 3.2.0 - Authenticated SQL Injection via Memberslist or Rowid Parameter
Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php.
EIP-2026-104501 EXPLOITDB text WORKING POC
Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
EIP-2026-104479 EXPLOITDB text WRITEUP
VestaCP 0.9.8-26 - 'backup' Information Disclosure
EIP-2026-104445 EXPLOITDB text WRITEUP
SonicWALL CDP 5040 6.x - Multiple Vulnerabilities
EIP-2026-104430 EXPLOITDB text WRITEUP
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
EIP-2026-104239 EXPLOITDB text WRITEUP
Endpoint Protector 4.0.4.0 - Multiple Vulnerabilities
CVE-2014-2879 EXPLOITDB text WRITEUP
SonicWALL Email Security Appliance < 7.4.5 - Authenticated Cross-Site Scripting via Upload Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page.
CVE-2012-1047 EXPLOITDB text WORKING POC
Cyberoam Central Console <2.00.2 - Path Traversal
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action.
CVE-2017-13754 EXPLOITDB MEDIUM text WORKING POC
CodeMeter < 6.50a - Cross-Site Scripting via Time Server Configuration
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.html.
CVSS 5.4
EIP-2026-104185 EXPLOITDB text WRITEUP
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent
EIP-2026-104083 EXPLOITDB text WRITEUP
SonicWALL AntiSpam & EMail 7.3.1 - Multiple Vulnerabilities
EIP-2026-103892 EXPLOITDB html WRITEUP
Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities
EIP-2026-102539 EXPLOITDB text WRITEUP
Totemomail 4.x/5.x - Persistent Cross-Site Scripting
EIP-2026-102318 EXPLOITDB text WRITEUP
Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
EIP-2026-102121 EXPLOITDB text WORKING POC
WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities
EIP-2026-102161 EXPLOITDB text WRITEUP
Grindr 2.1.1 iOS - Denial of Service
EIP-2026-102179 EXPLOITDB text WRITEUP
Photo Transfer (2) 1.0 iOS - Denial of Service
EIP-2026-102195 EXPLOITDB text WRITEUP
Air Drive Plus - Multiple Input Validation Vulnerabilities
EIP-2026-102198 EXPLOITDB text WRITEUP
Bluetooth Text Chat 1.0 iOS - Code Execution
EIP-2026-102212 EXPLOITDB text WRITEUP
Air Drive Plus 2.4 - Arbitrary File Upload
EIP-2026-102214 EXPLOITDB text WRITEUP
Album Lock 4.0 iOS - Directory Traversal
EIP-2026-102215 EXPLOITDB text WRITEUP
Album Streamer 2.0 iOS - Directory Traversal
EIP-2026-102216 EXPLOITDB text WRITEUP
AllReader 1.0 iOS - Multiple Vulnerabilities
CVE-2013-5147 EXPLOITDB text WRITEUP
iPhone OS < 6.1.4 - Passcode Lock Bypass via Race Condition
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition involving phone calls and ejection of a SIM card.
EIP-2026-102220 EXPLOITDB text WRITEUP
C/C++ Offline Compiler and C For OS - Persistent Cross-Site Scripting