Dhiraj Mishra

44 exploits, active since Jul 2017
CVE-2017-1130 EXPLOITDB MEDIUM html WORKING POC
IBM Notes <9.0 - DoS
IBM Notes 8.5 and 9.0 are vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes, which would cause the client to hang and have to be restarted. IBM X-Force ID: 121371.
CVSS 6.5
CVE-2017-1129 EXPLOITDB MEDIUM html WORKING POC
IBM Notes <9.0 - DoS
IBM Notes 8.5 and 9.0 are vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
CVSS 6.5
EIP-2026-103460 EXPLOITDB text WORKING POC
Epiphany 3.28.2.1 - Denial of Service
CVE-2019-12137 EXPLOITDB HIGH text WORKING POC
Typora <0.9.9.24.6 - Path Traversal
Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.
CVSS 7.8
CVE-2017-1000028 EXPLOITDB HIGH ruby WORKING POC
Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal
Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated directory traversal, which can be exploited by issuing a specially crafted HTTP GET request.
CVSS 7.5
CVE-2019-10038 EXPLOITDB HIGH text WRITEUP
Evernote <7.9 - RCE
Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.
CVSS 7.8
CVE-2018-14912 EXPLOITDB HIGH ruby WORKING POC
CGit <1.2.1 - Path Traversal
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
CVSS 7.5
CVE-2019-6498 EXPLOITDB HIGH ruby WORKING POC
Labapart Gattlib - Out-of-Bounds Read
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
CVSS 8.8
CVE-2018-11646 EXPLOITDB HIGH text WORKING POC
WebKitGTK+ <2.21.3 - Use After Free
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
CVSS 7.5
CVE-2018-18957 EXPLOITDB CRITICAL text WORKING POC
Mz-automation Libiec61850 - Out-of-Bounds Write
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
CVSS 9.8
EIP-2026-102758 EXPLOITDB text WORKING POC
VIM 8.2 - Denial of Service (PoC)
CVE-2018-11646 EXPLOITDB HIGH ruby WORKING POC
WebKitGTK+ <2.21.3 - Use After Free
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
CVSS 7.5
CVE-2019-8375 EXPLOITDB CRITICAL text WORKING POC
WebKitGTK < 2.23.90 - Memory Corruption
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).
CVSS 9.8
EIP-2026-102578 EXPLOITDB text WORKING POC
Epiphany Web Browser 3.28.1 - Denial of Service (PoC)
CVE-2019-0186 EXPLOITDB MEDIUM text WRITEUP
Apache Pluto < 3.1.0 - XSS
The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) attacks. Mitigation: uninstall the ChatRoomDemo war file, or migrate to version 3.1.0 of the chat-room-demo war file.
CVSS 6.1
CVE-2019-3799 EXPLOITDB MEDIUM ruby WORKING POC
VMware Spring Cloud Config < 1.4.6 - Path Traversal
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
CVSS 6.5
CVE-2019-12477 EXPLOITDB MEDIUM text WORKING POC
Supra Smart Cloud TV Remote File Inclusion
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
CVSS 5.5
EIP-2026-100944 EXPLOITDB ruby WORKING POC
Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)
CVE-2017-17692 EXPLOITDB HIGH ruby WORKING POC
Samsung Internet Browser - Information Disclosure
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
CVSS 7.5