Julio Cesar Fort

11 exploits Active since Aug 2004
CVE-2017-10366 NOMISEC CRITICAL WORKING POC
Oracle PeopleSoft Products <8.57 - RCE
Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PT PeopleTools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
25 stars
CVSS 9.8
CVE-2019-10044 WRITEUP HIGH WRITEUP
Telegram Desktop <1.5.12 - Info Disclosure
Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
CVSS 8.8
CVE-2019-9970 WRITEUP MEDIUM WRITEUP
Signal-Desktop <1.23.1 - Info Disclosure
Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
CVSS 6.5
CVE-2004-1681 EXPLOITDB text WORKING POC
QNX Photon Microgui - Buffer Overflow
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.
CVE-2004-1681 EXPLOITDB text WORKING POC
QNX Photon Microgui - Buffer Overflow
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.
CVE-2004-1681 EXPLOITDB text WRITEUP
QNX Photon Microgui - Buffer Overflow
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.
CVE-2004-1681 EXPLOITDB text WORKING POC
QNX Photon Microgui - Buffer Overflow
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.
EIP-2026-104044 EXPLOITDB text WRITEUP
OSU HTTP Server 3.10/3.11 - Multiple Information Disclosure Vulnerabilities
EIP-2026-102965 EXPLOITDB text WORKING POC
QNX PPPoEd 2.4/4.25/6.2 - Path Environment Variable Local Command Execution
CVE-2005-2725 EXPLOITDB text WORKING POC
QNX RTOS <6.3 - Info Disclosure
The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.
EIP-2026-102723 EXPLOITDB text WORKING POC
QNX PPPoEd 2.4/4.25/6.2 - Multiple Local Buffer Overrun Vulnerabilities