Daniel Correa

4 exploits Active since Aug 2012
CVE-2017-11355 EXPLOITDB MEDIUM text WORKING POC
Pega Platform < 7.2_ml0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to the main page; the (2) beanReference parameter to the JavaBean viewer page; or the (3) pyTableName to the System database schema modification page.
CVSS 6.1
EIP-2026-118851 EXPLOITDB text WORKING POC
Microsoft Internet Explorer/Opera - Source Code viewer Null Character Handling
CVE-2012-4070 EXPLOITDB text WORKING POC
Dir2web - SQL Injection
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php.
CVE-2017-11356 EXPLOITDB MEDIUM text WORKING POC
Pega Platform < 7.2_ml0 - Information Disclosure
The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control.
CVSS 6.5