DisK0nn3cT

2 exploits Active since Apr 2014

CVE-2014-0160 NOMISEC HIGH WORKING POC

OpenSSL <1.0.1g - Info Disclosure

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

18 stars

CVSS 7.5

View Code

CVE-2011-4403 EXPLOITDB html WORKING POC

Zen Cart 1.3.9h - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.

View Code