Carlos Mario Penagos Hollmann

22 exploits Active since Jan 2011
CVE-2011-4220 EXPLOITDB python WORKING POC
SlimPDF Reader - DoS/Code Injection
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.
CVE-2011-4221 EXPLOITDB python WORKING POC
Investintech.com Able2Doc/Able2Doc Pro - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
CVE-2011-4220 EXPLOITDB python WORKING POC
SlimPDF Reader - DoS/Code Injection
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.
CVE-2011-4221 EXPLOITDB python WORKING POC
Investintech.com Able2Doc/Able2Doc Pro - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
CVE-2011-4220 EXPLOITDB python WORKING POC
SlimPDF Reader - DoS/Code Injection
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.
CVE-2011-4221 EXPLOITDB python WORKING POC
Investintech.com Able2Doc/Able2Doc Pro - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
CVE-2011-3142 EXPLOITDB html WORKING POC
Wellintech Kingview - Memory Corruption
Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method.
CVE-2011-0498 EXPLOITDB python WORKING POC
Nokia Multimedia Player - Memory Corruption
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
EIP-2026-116796 EXPLOITDB html WORKING POC
AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow
EIP-2026-116795 EXPLOITDB html WORKING POC
AoA DVD Creator 2.5 - ActiveX Stack Overflow
EIP-2026-116713 EXPLOITDB python WORKING POC
Acoustica MP3 Audio Mixer 2.471 - Extended .M3U Directives (SEH)
CVE-2011-4222 EXPLOITDB python WORKING POC
Investintech.com Able2Extract - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
EIP-2026-116712 EXPLOITDB python WORKING POC
Acoustica Audio Converter Pro 1.1 (build 25) - '.mp3 / .wav / .ogg / .wma' Local Heap Overflow
CVE-2012-1830 EXPLOITDB python WORKING POC
Wellintech Kingview < 6.53 - Memory Corruption
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555.
EIP-2026-115591 EXPLOITDB html WORKING POC
Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service
CVE-2012-1831 EXPLOITDB text WORKING POC
Wellintech Kingview < 6.53 - Memory Corruption
Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555.
EIP-2026-115040 EXPLOITDB python WORKING POC
Chalk Creek Media Player 1.0.7 - '.mp3' / '.wma' Denial of Service
CVE-2011-4222 EXPLOITDB python WORKING POC
Investintech.com Able2Extract - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
CVE-2011-4222 EXPLOITDB python WORKING POC
Investintech.com Able2Extract - DoS/Code Injection
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.
EIP-2026-107465 EXPLOITDB text WORKING POC
gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting
EIP-2026-103495 EXPLOITDB html WORKING POC
Google Chrome 8.0.552.237 - replace Denial of Service
CVE-2011-2751 EXPLOITDB text WRITEUP
Parodia < 6.8 - SQL Injection
SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.