Gjoko 'LiquidWorm' Krstic

684 exploits, active since Nov 2005
EIP-2026-104690 EXPLOITDB text WORKING POC
ABB Cylon Aspect 3.08.02 (webServerUpdate.php) - Input Validation Config Poisoning
EIP-2026-104689 EXPLOITDB text WORKING POC
ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal
CVE-2024-48844 EXPLOITDB HIGH text WORKING POC
ABB Aspect-ent-2 Firmware - Resource Allocation Without Limits
Denial of Service vulnerabilities were found, providing a potential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS 7.7
CVE-2024-48840 EXPLOITDB CRITICAL text WORKING POC
ABB Aspect-ent-2 Firmware < 3.08.03 - Code Injection
Unauthorized Access vulnerabilities allow Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS 10.0
EIP-2026-104616 EXPLOITDB text WORKING POC
Horos 2.1.0 Web Portal - Directory Traversal
CVE-2008-2032 EXPLOITDB c WORKING POC
Acritum Femitter Server 1.03 - DoS
The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2015-1059 EXPLOITDB python WORKING POC
AdaptCMS 3.0.3 - Code Injection
Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads.
EIP-2026-104918 EXPLOITDB text WRITEUP
acontent 1.1 - Multiple Vulnerabilities
EIP-2026-104907 EXPLOITDB text WORKING POC
AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities
CVE-2024-6209 EXPLOITDB CRITICAL WORKING POC
ABB ASPECT - Enterprise <3.08.01 - Info Disclosure
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 allows an attacker to access files without authorization.
CVSS 10.0
CVE-2024-4007 EXPLOITDB HIGH WRITEUP
ABB ASPECT; NEXUS Series; MATRIX Series <3.07 - Info Disclosure
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows an attacker to log in to wrongly configured product instances.
CVSS 8.8
EIP-2026-104807 EXPLOITDB text WORKING POC
11in1 CMS 1.0.1 - 'do.php' CRLF Injection
EIP-2026-104746 EXPLOITDB python WORKING POC
Oxwall 1.7.0 - Remote Code Execution
EIP-2026-104744 EXPLOITDB python WORKING POC
Omeka 2.2.1 - Remote Code Execution
EIP-2026-104693 EXPLOITDB text WORKING POC
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
EIP-2026-104692 EXPLOITDB text WORKING POC
ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
EIP-2026-104691 EXPLOITDB text WORKING POC
ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
CVE-2015-5285 EXPLOITDB text WORKING POC
Kallithea <0.3 - HTTP Response Splitting
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.
EIP-2026-104570 EXPLOITDB python WORKING POC
Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service
EIP-2026-104438 EXPLOITDB text WORKING POC
SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS
EIP-2026-104405 EXPLOITDB text WORKING POC
Practico 13.9 - Multiple Vulnerabilities
EIP-2026-104277 EXPLOITDB text WORKING POC
i3 International Annexxus Cameras Ax-n 5.2.0 - Application Logic Flaw
EIP-2026-104379 EXPLOITDB text WORKING POC
Oracle OpenSSO 8.0 - Multiple Cross-Site Scripting POST Injection Vulnerabilities
EIP-2026-104354 EXPLOITDB text WORKING POC
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download
EIP-2026-104204 EXPLOITDB text WORKING POC
CMU CERT/CC VINCE 2.0.6 - Stored XSS