Francis Alexander

7 exploits Active since Jul 2017
CVE-2017-11467 METASPLOIT CRITICAL ruby WORKING POC
OrientDB < 2.2.22 - Remote Code Execution via Unprivileged Query Operations
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.
CVSS 9.8
CVE-2017-11467 EXPLOITDB CRITICAL WORKING POC
OrientDB < 2.2.22 - Remote Code Execution via Unprivileged Query Operations
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.
CVSS 9.8
EIP-2026-104043 EXPLOITDB ruby WORKING POC
OrientDB 2.2.2 < 2.2.22 - Remote Code Execution (Metasploit)
EIP-2026-103133 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
EIP-2026-103136 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
EIP-2026-103134 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
EIP-2026-103135 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)