Gjoko 'LiquidWorm' Krstic

684 exploits · Active since Nov 2005
CVE-2019-25325 EXPLOITDB HIGH text WORKING POC
Thrive Smart Home 1.1 - SQL Injection
Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1# to manipulate login queries and gain unauthorized access to the application.
CVSS 8.2
CVE-2019-25291 EXPLOITDB HIGH text WRITEUP
INIM Electronics Smartliving SmartLAN/G/SI <=6.x - Info Disclosure
INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving device models.
CVSS 7.5
CVE-2020-22001 EXPLOITDB CRITICAL text WORKING POC
HomeAutomation 3.3.2 - Authentication Bypass via X-Forwarded-For Header Spoofing
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability: spoofing the client IP address by setting the X-Forwarded-For header to the local (loopback) IP address allows remote control of the smart home solution.
CVSS 9.8
CVE-2020-22000 EXPLOITDB HIGH text WORKING POC
HomeAutomation 3.3.2 - Authenticated OS Command Injection via Custom Command Plugin
HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability in the custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'set_command_on' and 'set_command_off' POST parameters in '/system/systemplugins/customcommand/customcommand.plugin.php', which reach the PHP exec() function unsanitized.
CVSS 8.0
CVE-2020-21999 EXPLOITDB HIGH python WORKING POC
iWT FaceSentry Access Control System 6.4.8 - Authenticated OS Command Injection via strInIP Parameter
iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in the pingTest PHP script.
CVSS 8.8
CVE-2020-21996 EXPLOITDB HIGH text WORKING POC
AVE DOMINAplus <=1.10.x - Unauthenticated Denial of Service via Reboot Command Execution
AVE DOMINAplus <=1.10.x suffers from unauthenticated reboot command execution. Attackers can exploit this issue to cause a denial-of-service condition.
CVSS 7.5
CVE-2020-21995 EXPLOITDB CRITICAL text WRITEUP
Inim Smartliving Firmware < 6.0 - Use of Hard-coded Credentials
Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system.
CVSS 9.8
CVE-2020-21994 EXPLOITDB CRITICAL text WORKING POC
AVE DOMINAplus <=1.10.x - Unauthenticated Credential Disclosure via /xml/authClients.xml
AVE DOMINAplus <=1.10.x suffers from a clear-text credential disclosure vulnerability. An unauthenticated attacker can request the XML file '/xml/authClients.xml', hosted in an unprotected directory, and obtain administrative login information that allows for a successful authentication bypass attack.
CVSS 9.8
CVE-2020-21991 EXPLOITDB CRITICAL text WORKING POC
AVE DOMINAplus <= 1.10.x - Unauthenticated Authentication Bypass via changeparams.php autologin Parameter
AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to a missing control check when the autologin GET parameter is called directly in the changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication security control and access the management interface with admin privileges without providing credentials.
CVSS 9.8
CVE-2020-21989 EXPLOITDB HIGH text WORKING POC
HomeAutomation 3.3.2 - Cross-Site Request Forgery
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
CVSS 8.8
CVE-2020-21987 EXPLOITDB MEDIUM text WORKING POC
HomeAutomation 3.3.2 - Stored Cross-Site Scripting via Input Parameter
HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session.
CVSS 6.1
CVE-2019-25259 EXPLOITDB MEDIUM html WORKING POC
Leica Geosystems GR10/GR25/GR30/GR50 4.30.063 - CSRF
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that submit requests to the application.
CVSS 5.3
CVE-2019-25258 EXPLOITDB HIGH text WORKING POC
LogicalDOC Enterprise 7.7.4 - Info Disclosure
LogicalDOC Enterprise 7.7.4 contains multiple post-authentication file disclosure vulnerabilities that allow attackers to read arbitrary files through unverified 'suffix' and 'fileVersion' parameters. Attackers can use directory traversal in the /thumbnail and /convertpdf endpoints to access sensitive system files like win.ini and /etc/passwd by supplying path traversal sequences.
CVSS 7.5
CVE-2019-25257 EXPLOITDB MEDIUM text WORKING POC
LogicalDOC Enterprise 7.7.4 - Command Injection
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command, ocr.Tesseract.path, and other system paths to execute arbitrary system commands with elevated privileges.
CVSS 6.5
CVE-2019-25256 EXPLOITDB MEDIUM text WORKING POC
VideoFlow Digital Video Protection DVP 2.10 - Path Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by supplying directory traversal sequences in download requests.
CVSS 6.5
CVE-2019-25255 EXPLOITDB MEDIUM text WRITEUP
VideoFlow DVP 2.10 - Authenticated RCE
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows attackers to execute system commands with root privileges. Attackers can exploit the vulnerability through a cross-site request forgery (CSRF) mechanism to gain unauthorized system access.
CVSS 4.3
CVE-2019-25254 EXPLOITDB HIGH text WORKING POC
KYOCERA Net Admin 3.4.0906 - Cross-Site Request Forgery via Administrative User Creation
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.
CVSS 8.8
CVE-2019-25253 EXPLOITDB HIGH text WORKING POC
KYOCERA Net Admin 3.4.0906 - XXE Injection
KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuration data like database credentials through an out-of-band channel attack.
CVSS 7.5
CVE-2019-25252 EXPLOITDB MEDIUM html WORKING POC
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery via Password Change Request
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in administrator visits the page.
CVSS 4.3
CVE-2019-25251 EXPLOITDB MEDIUM text WORKING POC
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery via URL Parameter
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xml_url'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP requests to arbitrary destinations.
CVSS 6.5
CVE-2019-25248 EXPLOITDB HIGH text WRITEUP
Beward N100 M2.1.6.04C014 - Info Disclosure
Beward N100 M2.1.6.04C014 contains a vulnerability that allows unauthenticated remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism.
CVSS 7.5
CVE-2019-25247 EXPLOITDB MEDIUM html WORKING POC
Beward N100 H.264 VGA IP Camera M2.1.6 - CSRF
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into submitting the form.
CVSS 5.3
CVE-2019-25246 EXPLOITDB HIGH text WORKING POC
Beward N100 H.264 VGA IP Camera M2.1.6 - Info Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and /etc/issue by supplying absolute file paths.
CVSS 8.8
CVE-2019-25245 EXPLOITDB HIGH text WRITEUP
Ross Video DashBoard 8.5.1 - Privilege Escalation
Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for the 'Authenticated Users' group to replace the DashBoard.exe binary with a malicious executable.
CVSS 8.8
CVE-2019-25244 EXPLOITDB MEDIUM text WORKING POC
Legrand BTicino Driver Manager F454 1.0.51 - CSRF, XSS
Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attackers to perform administrative actions without proper request validation. Attackers can exploit cross-site request forgery to change passwords and inject stored cross-site scripting payloads through unvalidated GET parameters.
CVSS 5.3