Chris Inzinga

6 exploits, active since Jan 2020
CVE-2020-5307 EXPLOITDB CRITICAL text WORKING POC
PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection via Username Parameter
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
CVSS 9.8
CVE-2019-25330 EXPLOITDB HIGH python WORKING POC
SurfOffline Professional 2.2.0.103 - Buffer Overflow
SurfOffline Professional 2.2.0.103 contains a structured exception handler (SEH) overflow vulnerability that allows attackers to crash the application by manipulating the project name input. Attackers can generate a malicious payload of 382 'A' characters followed by specific byte sequences to trigger a denial of service condition and overwrite SEH registers.
CVSS 7.5
CVE-2019-25329 EXPLOITDB HIGH python WORKING POC
FTP Navigator < 8.03 - Denial of Service via Custom Command Input
FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH) with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger a program crash when pasted into the custom command input.
CVSS 7.5
CVE-2019-25321 EXPLOITDB CRITICAL python WORKING POC
FTP Navigator 8.03 - Stack-based Buffer Overflow via Custom Command Textbox
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
CVSS 9.8
CVE-2019-25321 EXPLOITDB CRITICAL python WORKING POC
FTP Navigator 8.03 - Stack-based Buffer Overflow via Custom Command Textbox
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
CVSS 9.8
EIP-2026-111155 EXPLOITDB text WORKING POC
phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting