Johannes Greil

11 exploits Active since Dec 2005
CVE-2014-4962 EXPLOITDB WRITEUP
Shopizer < 1.1.5 - Unauthenticated Price Manipulation via Negative Product Quantity
Shopizer 1.1.5 and earlier allows remote attackers to reduce the total cost of their shopping cart via a negative number in the productQuantity parameter, which causes the price of the item to be subtracted from the total cost.
CVE-2014-4963 EXPLOITDB WRITEUP
Shopizer < 1.1.5 - Unauthenticated Arbitrary User Account Modification via customer.customerId Parameter
Shopizer 1.1.5 and earlier allows remote attackers to modify the account settings of arbitrary users via the customer.customerId parameter to shop/profile/register.action.
CVE-2014-4964 EXPLOITDB WRITEUP
Shopizer < 1.1.5 - Cross-Site Request Forgery
Multiple cross-site request forgery (CSRF) vulnerabilities in Shopizer 1.1.5 and earlier allow remote attackers to hijack the authentication of users for requests that (1) modify customer settings or hijack the authentication of administrators for requests that change (2) customer passwords, (3) shop configuration, or (4) product details, as demonstrated by (5) modify a product's price via a crafted request to central/catalog/saveproduct.action or (6) creating a product review via a crafted request to shop/product/createReview.action.
CVE-2013-3502 METASPLOIT ruby WORKING POC
GroundWork Monitor Enterprise 6.7.0 - Authenticated Remote Code Execution via monarch_scan.cgi
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.
CVE-2014-4965 EXPLOITDB text WRITEUP
Shopizer < 1.1.5 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Shopizer 1.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) customername parameter to central/orders/searchcriteria.action; (2) productname, (3) availability, or (4) status parameter to central/catalog/productlist.action; or unspecified vectors in (5) WebContent/orders/orderlist.jsp.
EIP-2026-108170 EXPLOITDB text WRITEUP
Joomla! 1.5 Beta 2 - 'Search' Remote Code Execution
CVE-2013-3502 EXPLOITDB ruby WORKING POC
GroundWork Monitor Enterprise 6.7.0 - Authenticated Remote Code Execution via monarch_scan.cgi
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.
CVE-2005-4550 EXPLOITDB text WRITEUP
Oracle Application Server Discussion Forum Portlet - Unauthenticated Arbitrary File Read via df_next_page Parameter
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
CVE-2018-13109 EXPLOITDB HIGH text WRITEUP
Adbglobal Dv2210 Firmware - Incorrect Authorization
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.
CVSS 7.5
CVE-2018-13108 EXPLOITDB HIGH text WRITEUP
Epicentro - Privilege Escalation
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
CVSS 7.8
CVE-2018-13110 EXPLOITDB HIGH text WRITEUP
Adbglobal Dv2210 Firmware - Incorrect Permission Assignment
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
CVSS 7.5