Ismail Tasdelen

76 exploits Active since Aug 2018
CVE-2018-18308 EXPLOITDB MEDIUM text WORKING POC
BigTree CMS 4.2.23 - Stored Cross-Site Scripting in Image Upload Area
In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the image upload area).
CVSS 6.1
CVE-2019-9553 EXPLOITDB MEDIUM text WORKING POC
Bolt 3.6.4 - Cross-Site Scripting via Slug, Teaser, or Title Parameter
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933.
CVSS 6.1
EIP-2026-103677 EXPLOITDB ruby WORKING POC
Tautulli 2.1.9 - Denial of Service (Metasploit)
EIP-2026-102124 EXPLOITDB text WORKING POC
XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery (Add Admin)
EIP-2026-102479 EXPLOITDB text WORKING POC
dotCMS 5.1.1 - HTML Injection
EIP-2026-102403 EXPLOITDB text WORKING POC
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting
EIP-2026-102402 EXPLOITDB text WORKING POC
ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting
EIP-2026-102126 EXPLOITDB text WORKING POC
XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin)
EIP-2026-102125 EXPLOITDB text WORKING POC
XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin)
EIP-2026-102123 EXPLOITDB text WORKING POC
Xerox AltaLink C8035 Printer - Cross-Site Request Forgery (Add Admin)
EIP-2026-101783 EXPLOITDB ruby WORKING POC
Huawei HG255 - Directory Traversal (Metasploit)
EIP-2026-101957 EXPLOITDB text WORKING POC
RICOH SP 4520DN Printer - HTML Injection
EIP-2026-101956 EXPLOITDB text WORKING POC
RICOH SP 4510SF Printer - HTML Injection
EIP-2026-101955 EXPLOITDB text WORKING POC
RICOH SP 4510DN Printer - HTML Injection
EIP-2026-101953 EXPLOITDB text WORKING POC
RICOH MP C6503 Plus Printer - Cross-Site Scripting
EIP-2026-101952 EXPLOITDB text WORKING POC
RICOH MP C6003 Printer - Cross-Site Scripting
CVE-2018-15884 EXPLOITDB HIGH text WORKING POC
RICOH MP C4504ex Firmware - HTML Injection via entryNameIn Parameter
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
CVSS 8.8
EIP-2026-101951 EXPLOITDB text WORKING POC
RICOH MP C406Z Printer - Cross-Site Scripting
EIP-2026-101950 EXPLOITDB text WORKING POC
RICOH MP C2003 Printer - Cross-Site Scripting
CVE-2018-17310 EXPLOITDB MEDIUM text WORKING POC
RICOH MP C1803 JPN Firmware - Stored Cross-Site Scripting via entryNameIn Parameter
On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
CVSS 6.1
EIP-2026-101949 EXPLOITDB text WORKING POC
RICOH MP 305+ Printer - Cross-Site Scripting
EIP-2026-101946 EXPLOITDB text WORKING POC
RICOH Aficio MP 301 Printer - Cross-Site Scripting
EIP-2026-101798 EXPLOITDB text WORKING POC
IBM RICOH InfoPrint 6500 Printer - HTML Injection
EIP-2026-101797 EXPLOITDB text WORKING POC
IBM RICOH Infoprint 1532 Printer - Persistent Cross-Site Scripting
EIP-2026-101796 EXPLOITDB text WORKING POC
IBM RICOH 6400 Printer - HTML Injection