Manoj Ahuje

6 exploits Active since Feb 2018
CVE-2018-9948 NOMISEC MEDIUM WORKING POC
Foxit PDF Reader Pointer Overwrite UAF
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380.
6 stars
CVSS 6.5
CVE-2018-6892 NOMISEC CRITICAL WORKING POC
CloudMe Sync < 1.10.9 - Unauthenticated Remote Buffer Overflow via Port 8888
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
CVSS 9.8
CVE-2018-6892 NOMISEC CRITICAL WORKING POC
CloudMe Sync < 1.10.9 - Unauthenticated Remote Buffer Overflow via Port 8888
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
CVSS 9.8
CVE-2018-9059 NOMISEC CRITICAL WORKING POC
Easy File Sharing Web Server 7.2 - Remote Code Execution via Malicious Login Request
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791.
CVSS 9.8
EIP-2026-119629 EXPLOITDB python WORKING POC
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)
EIP-2026-117185 EXPLOITDB text WORKING POC
Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR & DEP Bypass)