John Page aka hyp3rlinx

64 exploits Active since Jan 2016
EIP-2026-111048 EXPLOITDB text WORKING POC
PHPfileNavigator 2.3.3 - Cross-Site Request Forgery
EIP-2026-110737 EXPLOITDB text WRITEUP
PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload
CVE-2017-5630 EXPLOITDB HIGH text WORKING POC
PEAR Base System 1.10.1 - Arbitrary File Overwrite via Unvalidated Redirect Response
PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite.
CVSS 7.5
CVE-2016-4313 EXPLOITDB HIGH php WORKING POC
eXtplorer 2.1.9 - Path Traversal via Archive Extraction
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.
CVSS 7.8
EIP-2026-106731 EXPLOITDB text WORKING POC
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
CVE-2017-12971 EXPLOITDB MEDIUM text WORKING POC
Apache2Triad 1.5.4 - Cross-Site Scripting via phpsftpd/users.php Account Parameter
Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php.
CVSS 6.1
CVE-2017-5607 EXPLOITDB LOW text WORKING POC
Splunk Enterprise <6.5.1 & Splunk Light <6.5.2 - Sensitive Info Exposure via Global Window Namespace
Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.
CVSS 3.5
CVE-2017-10974 EXPLOITDB HIGH text WORKING POC
Yaws 1.91 - Unauthenticated Path Traversal via HTTP Directory Traversal with /%5C../
Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on this product.
CVSS 7.5
CVE-2017-5473 EXPLOITDB HIGH text WORKING POC
ntopng < 2.4 - Cross-Site Request Forgery via User Management Endpoints
Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua.
CVSS 8.8
CVE-2016-4316 EXPLOITDB MEDIUM text WORKING POC
WSO2 Carbon 4.4.5 - Stored Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in WSO2 Carbon 4.4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) setName parameter to identity-mgt/challenges-mgt.jsp; the (2) webappType or (3) httpPort parameter to webapp-list/webapp_info.jsp; the (4) dsName or (5) description parameter to ndatasource/newdatasource.jsp; the (6) phase parameter to viewflows/handlers.jsp; or the (7) url parameter to ndatasource/validateconnection-ajaxprocessor.jsp.
CVSS 6.1
CVE-2016-4314 EXPLOITDB MEDIUM text WORKING POC
WSO2 Carbon 4.4.5 - Authenticated Path Traversal via LogViewer Admin Service LogFile Parameter
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp.
CVSS 4.9
CVE-2016-4315 EXPLOITDB MEDIUM text WORKING POC
WSO2 Carbon 4.4.5 - Cross-Site Request Forgery via Server Shutdown Action
Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp.
CVSS 5.7
CVE-2016-4312 EXPLOITDB HIGH text WORKING POC
WSO2 Identity Server 5.1.0 - Authenticated XML External Entity Injection via XACML Request
XML external entity (XXE) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 before WSO2-CARBON-PATCH-4.4.0-0231 allows remote authenticated users with access to XACML features to read arbitrary files, cause a denial of service, conduct server-side request forgery (SSRF) attacks, or have unspecified other impact via a crafted XACML request to entitlement/eval-policy-submit.jsp. NOTE: this issue can be combined with CVE-2016-4311 to exploit the vulnerability without credentials.
CVSS 7.5
EIP-2026-102080 EXPLOITDB text WORKING POC
Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-Site Request Forgery