Eric Salario

5 exploits Active since Sep 2021
CVE-2024-37569 WRITEUP HIGH WORKING POC
Mitel 6869i SIP Firmware < 4.5.0.41 and 5.x <= 5.0.0.1018 - Authenticated Remote Code Execution via Hostname Parameter
An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A command injection vulnerability exists in the hostname parameter taken in by the provis.html endpoint. The provis.html endpoint performs no sanitization on the hostname parameter (sent by an authenticated user), which is subsequently written to disk. During boot, the hostname parameter is executed as part of a series of shell commands. Attackers can achieve remote code execution in the root context by placing shell metacharacters in the hostname parameter.
CVSS 8.8
CVE-2021-40309 EXPLOITDB HIGH text WORKING POC
OpenSIS 8.0 - Authenticated SQL Injection via cp_id_miss_attn Parameter
A SQL injection vulnerability exists in the Take Attendance functionality of OS4Ed's OpenSIS 8.0. allows an attacker to inject their own SQL query. The cp_id_miss_attn parameter from TakeAttendance.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request as a user with access to "Take Attendance" functionality to trigger this vulnerability.
CVSS 8.8
CVE-2021-47791 EXPLOITDB HIGH python WORKING POC
SmartFTP Client 10.0.2909.0 - Denial of Service via Malformed Paths or Invalid IP Addresses
SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.
CVSS 7.5
CVE-2021-40651 EXPLOITDB MEDIUM text WORKING POC
OS4Ed OpenSIS Community 8.0 - Info Disclosure
OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.
CVSS 6.5
EIP-2026-110319 EXPLOITDB text WORKING POC
OpenSIS 8.0 - 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)