Dino Barlattani

5 exploits, active since Jan 2017
CVE-2019-9017 EXPLOITDB HIGH text WORKING POC
Solarwinds Dameware Mini Remote Control - Out-of-Bounds Write
DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.
CVSS 7.5
CVE-2016-3411 EXPLOITDB MEDIUM text WORKING POC
Synacor Zimbra Collaboration Suite < 8.6.0 - XSS
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
CVSS 6.1
CVE-2018-17428 EXPLOITDB CRITICAL text WORKING POC
OPAC EasyWeb Five < 5.7 - SQL Injection
An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL injection via the w2001/index.php?scelta=campi biblio parameter.
CVSS 9.8
CVE-2022-45639 EXPLOITDB HIGH text WORKING POC
Sleuthkit The Sleuth Kit - OS Command Injection
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.
CVSS 7.8
CVE-2018-18437 EXPLOITDB MEDIUM text WORKING POC
Axiositalia Registro Elettronico - XSS
In AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0, secret/relogoff.aspx has XSS via the Error_Desc parameter.
CVSS 6.1