Chris

6 exploits Active since Jun 2009
CVE-2025-12744 EXPLOITDB HIGH python FAILED
Red Hat ABRT - Command Injection via Mount Information
A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.
CVSS 8.8
CVE-2009-1699 EXPLOITDB HIGH text WORKING POC
Apple Safari < 4.0 - XML External Entity Injection via XSL Stylesheet
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."
CVSS 7.5
EIP-2026-117803 EXPLOITDB c WORKING POC
Qbik WinGate 3.0 - Registry
CVE-2015-3134 EXPLOITDB text WRITEUP
Adobe Flash Player <13.0.0.302 & 14.x-18.x - Memory Corruption
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, and CVE-2015-4431.
CVE-2009-1699 EXPLOITDB HIGH text WORKING POC
Apple Safari < 4.0 - XML External Entity Injection via XSL Stylesheet
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."
CVSS 7.5
CVE-2018-7669 EXPLOITDB HIGH text WRITEUP
Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above - Path Traversal via Log Viewer File Parameter
An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a sitecore/shell/default.aspx?xmlcontrol=LogViewerDetails&file= URI. Validation is performed to ensure that the text passed to the 'file' parameter correlates to the correct log file directory. This filter can be bypassed by including a valid log filename and then appending a traditional 'dot dot' style attack.
CVSS 7.5