Chris Inzinga

6 exploits Active since Jan 2020
CVE-2020-5307 EXPLOITDB CRITICAL text WORKING POC
Phpgurukul Dairy Farm Shop Management System - SQL Injection
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
CVSS 9.8
CVE-2019-25330 EXPLOITDB HIGH python WORKING POC
SurfOffline Professional 2.2.0.103 - Buffer Overflow
SurfOffline Professional 2.2.0.103 contains a structured exception handler (SEH) overflow vulnerability that allows attackers to crash the application by manipulating the project name input. Attackers can generate a malicious payload of 382 'A' characters followed by specific byte sequences to trigger a denial of service condition and overwrite SEH registers.
CVSS 7.5
CVE-2019-25329 EXPLOITDB HIGH python WORKING POC
FTP Navigator 8.03 - DoS
FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler (SEH) with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger a program crash when pasted into the custom command input.
CVSS 7.5
CVE-2019-25321 EXPLOITDB CRITICAL python WORKING POC
FTP Navigator 8.03 - RCE
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
CVSS 9.8
CVE-2019-25321 EXPLOITDB CRITICAL python WORKING POC
FTP Navigator 8.03 - RCE
FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept.
CVSS 9.8
EIP-2026-111155 EXPLOITDB text WORKING POC
phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting