Dolev Farhi

40 exploits Active since May 2014
EIP-2026-104364 EXPLOITDB python WORKING POC
ntop-ng 2.5.160805 - Username Enumeration
CVE-2015-8368 EXPLOITDB text WRITEUP
ntopng <2.2 - Privilege Escalation
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
EIP-2026-104274 EXPLOITDB python WORKING POC
Hasura GraphQL 2.2.0 - Information Disclosure
CVE-2014-3840 EXPLOITDB text WRITEUP
Mayan-edms Mayan Edms - XSS
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form.
CVE-2014-3738 EXPLOITDB text WORKING POC
Zenoss - XSS
Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device.
CVE-2014-6070 EXPLOITDB text WORKING POC
Adiscon Loganalyzer < 3.6.5 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php.
CVE-2020-14181 EXPLOITDB MEDIUM python WORKING POC
Atlassian Data Center < 7.13.6 - Information Disclosure
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.
CVSS 5.3
EIP-2026-104164 EXPLOITDB python WORKING POC
Apache Superset 1.1.0 - Time-Based Account Enumeration
EIP-2026-103314 EXPLOITDB text WORKING POC
RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery (Add Admin)
EIP-2026-103269 EXPLOITDB python WORKING POC
Cobbler 2.8.0 - (Authenticated) Remote Code Execution
EIP-2026-101775 EXPLOITDB text WORKING POC
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
EIP-2026-101904 EXPLOITDB text WRITEUP
OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
EIP-2026-101903 EXPLOITDB text WORKING POC
OpenFiler 2.99.1 - Arbitrary Code Execution
EIP-2026-101862 EXPLOITDB text WRITEUP
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
EIP-2026-101861 EXPLOITDB text WRITEUP
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure