John Lightsey

7 exploits, active since Feb 2015
CVE-2015-1592 NOMISEC WORKING POC
Movable Type <5.2.12 & <6.0.7 - Code Injection
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 do not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.
6 stars
CVE-2020-10543 WRITEUP HIGH WRITEUP
Perl <5.30.3 - Buffer Overflow
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVSS 8.2
CVE-2015-1592 METASPLOIT ruby WORKING POC
Movable Type <5.2.12 & <6.0.7 - Code Injection
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 do not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.
CVE-2011-2921 METASPLOIT CRITICAL ruby WORKING POC
ktsuss suid Privilege Escalation
ktsuss versions 1.4 and prior have the uid set to root and do not drop privileges prior to executing user-specified commands, which can result in command execution with root privileges.
CVSS 9.8
EIP-2026-114805 EXPLOITDB ruby WORKING POC
SixApart MovableType - Storable Perl Code Execution (Metasploit)
CVE-2015-1592 EXPLOITDB ruby WORKING POC
Movable Type <5.2.12 & <6.0.7 - Code Injection
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 do not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.
CVE-2011-2921 EXPLOITDB CRITICAL ruby WORKING POC
ktsuss suid Privilege Escalation
ktsuss versions 1.4 and prior have the uid set to root and do not drop privileges prior to executing user-specified commands, which can result in command execution with root privileges.
CVSS 9.8