Brendan Coles

95 exploits Active since Oct 2006
EIP-2026-113179 EXPLOITDB text WORKING POC
WANem - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-112475 EXPLOITDB text WRITEUP
SugarCRM Community Edition 6.5.2 (Build 8410) - Multiple Vulnerabilities
EIP-2026-112474 EXPLOITDB text WORKING POC
SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities
EIP-2026-110307 EXPLOITDB text WORKING POC
OpenFiler 2.3 - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities
EIP-2026-107772 EXPLOITDB text WORKING POC
iGiveTest 2.1.0 - SQL Injection
EIP-2026-107976 EXPLOITDB text WORKING POC
iSupport 1.8 - SQL Injection
EIP-2026-105675 EXPLOITDB text WORKING POC
Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities
EIP-2026-105618 EXPLOITDB text WORKING POC
BrewBlogger 2.3.2 - Multiple Vulnerabilities
CVE-2017-1092 EXPLOITDB CRITICAL ruby WORKING POC
IBM Informix Open Admin Tool <12.1 - RCE
IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.
CVSS 9.8
EIP-2026-104781 EXPLOITDB ruby WORKING POC
TestLink 1.9.3 - Arbitrary File Upload (Metasploit)
CVE-2014-9567 EXPLOITDB ruby WORKING POC
ProjectSend <r561 - RCE
Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory.
CVE-2011-4275 EXPLOITDB ruby WORKING POC
iTop 1.1.181-1.2.0-RC-282 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted company name, (2) a crafted database server name, (3) a crafted CSV file, (4) a crafted copy-and-paste action, (5) the auth_user parameter in a suggest_pwd action to UI.php, (6) the c[menu] parameter to UniversalSearch.php, (7) the description parameter in a SearchFormToAdd_document_list action to UI.php, (8) the category parameter in an errors action to audit.php, or (9) the suggest_pwd parameter to UI.php.
EIP-2026-104724 EXPLOITDB ruby WORKING POC
eXtplorer 2.1 - Arbitrary File Upload (Metasploit)
CVE-2018-6849 EXPLOITDB MEDIUM ruby WORKING POC
Duckduckgo - Information Disclosure
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
CVSS 4.3
EIP-2026-104514 EXPLOITDB python WORKING POC
Zenoss 3.2.1 - (Authenticated) Remote Command Execution
CVE-2013-6366 EXPLOITDB ruby WORKING POC
Vmware Hyperic HQ - Code Injection
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime().exec call.
CVE-2018-14665 EXPLOITDB MEDIUM ruby WORKING POC
xorg-x11-server <1.20.3 - Privilege Escalation
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
CVSS 6.6
CVE-2017-6516 EXPLOITDB MEDIUM ruby WORKING POC
MagniComp SysInfo mcsiwrapper Privilege Escalation
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.
CVSS 6.7
EIP-2026-103138 EXPLOITDB ruby WORKING POC
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
CVE-2017-7494 EXPLOITDB CRITICAL ruby WORKING POC
Samba is_known_pipename() Arbitrary Module Load
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
CVSS 9.8
CVE-2018-0707 EXPLOITDB HIGH ruby WORKING POC
Qnap Q'center < 1.7.1063 - OS Command Injection
Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
CVSS 7.2
CVE-2013-1349 EXPLOITDB ruby WORKING POC
Os4ed Opensis - Code Injection
Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
EIP-2026-103137 EXPLOITDB ruby WORKING POC
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
CVE-2014-7910 EXPLOITDB ruby WORKING POC
Google Chrome < 39.0.2171.45 - Denial of Service
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2010-3847 EXPLOITDB ruby WORKING POC
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.