Jaggar Henry

3 exploits Active since Mar 2024
CVE-2024-8503 METASPLOIT CRITICAL ruby WORKING POC
VICIdial Authenticated Remote Code Execution
An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database.
CVSS 9.8
CVE-2024-8503 METASPLOIT CRITICAL ruby WORKING POC
VICIdial Authenticated Remote Code Execution
An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database.
CVSS 9.8
CVE-2024-2054 METASPLOIT CRITICAL ruby WORKING POC
Artica-Proxy - Unauthenticated Remote Code Execution via PHP Deserialization
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.
CVSS 9.8