Cristiano Maruti

5 exploits Active since Mar 1998
CVE-2015-1389 WRITEUP WRITEUP
Aruba Networks ClearPass Policy Manager <6.4.5 - XSS
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action.
CVE-2010-1871 METASPLOIT HIGH ruby WORKING POC
JBoss Enterprise Application Platform 4.3.0 - Remote Code Execution via JBoss Expression Language Injection
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
CVSS 8.8
CVE-1999-0502 METASPLOIT ruby SCANNER
HP-UX - Unauthenticated Remote Login via Default Null Password
A Unix account has a default, null, blank, or missing password.
CVE-2018-7538 EXPLOITDB CRITICAL text WORKING POC
Tuleap < 9.18 - SQL Injection in Tracker Functionality
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands.
CVSS 9.8
CVE-2015-1389 EXPLOITDB text WRITEUP
Aruba Networks ClearPass Policy Manager <6.4.5 - XSS
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action.