Frederic Cikala

4 exploits Active since Nov 2013
CVE-2017-5173 EXPLOITDB CRITICAL ruby WORKING POC
Geutebruck IP Camera G-Cam/EFD-2250 <1.11.0.12 - Command Injection
An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution.
CVSS 9.8
CVE-2013-4557 METASPLOIT ruby WORKING POC
SPIP < 3.0.12 - Remote Code Execution via Security Screen Connect Parameter
The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.
EIP-2026-104775 EXPLOITDB ruby WORKING POC
SPIP - 'connect' PHP Injection (Metasploit)
CVE-2017-5174 EXPLOITDB CRITICAL ruby WORKING POC
Geutebruck IP Camera G-Cam/EFD-2250 <1.11.0.12 - Auth Bypass
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution.
CVSS 9.8