Daniel Teixeira

31 exploits Active since Mar 2017
CVE-2018-6892 EXPLOITDB CRITICAL ruby WORKING POC
CloudMe Sync < 1.10.9 - Unauthenticated Remote Buffer Overflow via Port 8888
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
CVSS 9.8
CVE-2017-7310 EXPLOITDB HIGH python WORKING POC
DiskBoss < 8.9 - Buffer Overflow via Import Command XML Name Attribute
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element.
CVSS 7.8
CVE-2018-7573 EXPLOITDB CRITICAL ruby WORKING POC
FTPShell Client 6.7 - Remote Code Execution via FTP 220 Response Buffer Overflow
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
CVSS 9.8
CVE-2017-7310 EXPLOITDB HIGH python WORKING POC
DiskBoss < 8.9 - Buffer Overflow via Import Command XML Name Attribute
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element.
CVSS 7.8
CVE-2017-15222 EXPLOITDB CRITICAL ruby WORKING POC
nftp < 2.0 - Remote Code Execution via Buffer Overflow
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
CVSS 9.8
CVE-2017-7310 EXPLOITDB HIGH ruby WORKING POC
DiskBoss < 8.9 - Buffer Overflow via Import Command XML Name Attribute
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a long name attribute of a classify element.
CVSS 7.8