Charles Fol

36 exploits Active since May 2007
EIP-2026-109988 EXPLOITDB php WORKING POC
Nuked-klaN 1.7.6 - Multiple Vulnerabilities
CVE-2012-1563 EXPLOITDB HIGH python WORKING POC
Joomla! < 2.5.3 - Unauthenticated Admin Account Creation
Joomla! before 2.5.3 allows Admin Account Creation.
CVSS 7.5
CVE-2016-9838 EXPLOITDB HIGH python WORKING POC
Joomla! < 3.6.4 - Improper Access Control via Registration Form Session Data
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and password, as demonstrated by submitting a form that targets the `registration.register` task.
CVSS 7.5
CVE-2008-6833 EXPLOITDB php WORKING POC
fuzzylime_cms - Path Traversal via commsrss.php files Parameter
Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for a blogs action, as demonstrated by the files[0] parameter.
CVE-2019-6340 EXPLOITDB HIGH text WORKING POC
Drupal 7.0.0-7.61.0 8.5.0-8.5.10 8.6.0-8.6.9 - Remote Code Execution via Unsanitized Field Data
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
CVSS 8.1
EIP-2026-106584 EXPLOITDB php WORKING POC
Drupal 7.x Module Services - Remote Code Execution
CVE-2019-6340 EXPLOITDB HIGH ruby WORKING POC
Drupal 7.0.0-7.61.0 8.5.0-8.5.10 8.6.0-8.6.9 - Remote Code Execution via Unsanitized Field Data
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
CVSS 8.1
CVE-2019-6977 EXPLOITDB HIGH php WORKING POC
GD Graphics Library <2.2.5 - Buffer Overflow
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
CVSS 8.8
CVE-2019-0211 EXPLOITDB HIGH php WORKING POC
Apache HTTP Server 2.4.17-2.4.38 - Use-After-Free in Scoreboard
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
CVSS 7.8
CVE-2017-3548 EXPLOITDB MEDIUM python WORKING POC
Oracle PeopleSoft Products <8.56 - Info Disclosure
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).
CVSS 6.5
EIP-2026-102371 EXPLOITDB python WORKING POC
Grails PDF Plugin 0.6 - XML External Entity Injection