Filippo Roncari

8 exploits Active since Jun 2014
CVE-2014-0910 EXPLOITDB text WORKING POC
IBM Websphere Portal - XSS
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, and 7.0.0 through 7.0.0.2 CF28 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
EIP-2026-112574 EXPLOITDB text WRITEUP
TCPDF Library 5.9 - Arbitrary File Deletion
CVE-2015-4148 EXPLOITDB python WORKING POC
Apple Mac OS X < 10.10.4 - Improper Input Validation
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
EIP-2026-107192 EXPLOITDB text WORKING POC
Forma LMS 1.3 - Multiple SQL Injections
EIP-2026-107191 EXPLOITDB text WORKING POC
Forma LMS 1.3 - Multiple PHP Object Injection Vulnerabilities
EIP-2026-106786 EXPLOITDB text WORKING POC
eFront 3.6.15 - Directory Traversal
EIP-2026-106788 EXPLOITDB text WRITEUP
eFront 3.6.15 - PHP Object Injection
EIP-2026-106787 EXPLOITDB text WRITEUP
eFront 3.6.15 - Multiple SQL Injections