Chris Higgins

10 exploits Active since May 2014
CVE-2025-34107 EXPLOITDB HIGH ruby WORKING POC
WinaXe FTP Client <7.7 - Buffer Overflow
A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user.
CVE-2025-34108 METASPLOIT HIGH ruby WORKING POC
Disk Pulse Enterprise <9.0.34 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges.
CVE-2017-6416 METASPLOIT CRITICAL ruby WORKING POC
Flexense Sysgauge - Memory Corruption
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
CVSS 9.8
CVE-2017-13696 METASPLOIT CRITICAL ruby WORKING POC
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
CVSS 9.8
CVE-2013-4730 METASPLOIT ruby WORKING POC
PCMan's FTP Server 2.0.7 - RCE
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
CVE-2025-34107 METASPLOIT HIGH ruby WORKING POC
WinaXe FTP Client <7.7 - Buffer Overflow
A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user.
EIP-2026-119203 EXPLOITDB ruby WORKING POC
SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)
EIP-2026-119020 EXPLOITDB ruby WORKING POC
PCMan FTP Server - 'PUT' Buffer Overflow (Metasploit)
EIP-2026-118409 EXPLOITDB ruby WORKING POC
Disk Pulse Enterprise 9.0.34 - 'Login' Remote Buffer Overflow (Metasploit)
EIP-2026-118436 EXPLOITDB ruby WORKING POC
Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)