John Page (aka hyp3rlinx)

88 exploits Active since Oct 2017
EIP-2026-117563 EXPLOITDB text WRITEUP
Microsoft Windows CONTACT - Remote Code Execution
EIP-2026-117564 EXPLOITDB text WORKING POC
Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G
EIP-2026-117565 EXPLOITDB text WORKING POC
Microsoft Windows Defender - Detections Bypass
EIP-2026-117566 EXPLOITDB text WORKING POC
Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
EIP-2026-117577 EXPLOITDB python WORKING POC
Microsoft Windows NTFS - Privileged File Access Enumeration
EIP-2026-117583 EXPLOITDB text WORKING POC
Microsoft Windows VCF - Remote Code Execution
CVE-2019-18915 EXPLOITDB HIGH text WRITEUP
HP System Event Utility <1.4.33 - RCE
A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local attacker to execute arbitrary code via an HP System Event Utility system service.
CVSS 7.8
EIP-2026-117130 EXPLOITDB text WORKING POC
Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection
CVE-2018-7449 EXPLOITDB HIGH python WORKING POC
Segger Embos/ip FTP Server - Improper Input Validation
SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command.
CVSS 7.5
CVE-2018-7582 EXPLOITDB HIGH python WORKING POC
Weblogexpert Weblog Expert - Resource Allocation Without Limits
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.
CVSS 7.5
CVE-2017-14089 EXPLOITDB CRITICAL python WORKING POC
Trend Micro OfficeScan <11.0 - Memory Corruption
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.
CVSS 9.8
CVE-2018-7658 EXPLOITDB HIGH text WORKING POC
Softros Network Time System - Improper Input Validation
NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 allows remote attackers to cause a denial of service (daemon crash) by sending exactly 11 bytes.
CVSS 7.5
EIP-2026-115815 EXPLOITDB python WORKING POC
Microsoft Windows PowerShell - Unsanitized Filename Command Execution
EIP-2026-115776 EXPLOITDB text WORKING POC
Microsoft Windows - '.reg' File / Dialog Box Message Spoofing
EIP-2026-115629 EXPLOITDB text WORKING POC
Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection
EIP-2026-115686 EXPLOITDB python WORKING POC
Microsoft Internet Explorer 11.371.16299.0 (Windows 10) - Denial Of Service
CVE-2019-12323 EXPLOITDB HIGH text WORKING POC
Hosting Controller HC10 10.14 - DoS
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS.
CVSS 7.5
CVE-2017-12969 EXPLOITDB HIGH text WORKING POC
Avaya IP Office Contact Center - Memory Corruption
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
CVSS 8.8
CVE-2018-7583 EXPLOITDB HIGH text WORKING POC
Advantig Dualdesk - Improper Input Validation
Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) via a long string to TCP port 5500.
CVSS 7.5
CVE-2018-15437 EXPLOITDB MEDIUM c WORKING POC
Cisco Advanced Malware Protection For Endpoints - Denial of Service
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. An attacker could exploit this vulnerability by gaining local access to a system running Microsoft Windows and protected by Cisco Immunet or Cisco AMP for Endpoints and executing a malicious file. A successful exploit could allow the attacker to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.
CVSS 5.5
EIP-2026-114978 EXPLOITDB text WORKING POC
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)
EIP-2026-114837 EXPLOITDB text WORKING POC
Abyss Web Server < 2.11.6 - Heap Memory Corruption
CVE-2017-14085 EXPLOITDB MEDIUM text WORKING POC
Trend Micro OfficeScan <11.0 - Info Disclosure
Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version and modules.
CVSS 5.3
EIP-2026-112791 EXPLOITDB text WRITEUP
Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery
CVE-2017-14083 EXPLOITDB HIGH text WORKING POC
Trend Micro OfficeScan 11.0 - Info Disclosure
A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file.
CVSS 7.5