Matt Bergin

24 exploits, active since Nov 2011
CVE-2018-15767 EXPLOITDB HIGH python WORKING POC
Dell OpenManage Network Manager < 6.5.3 - Incorrect Authorization
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
CVSS 8.8
CVE-2014-4971 METASPLOIT ruby WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2014-4971 METASPLOIT ruby WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2014-4076 METASPLOIT ruby WORKING POC
Microsoft Windows Server 2003 SP2 - Privilege Escalation
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
CVE-2014-2477 METASPLOIT ruby WORKING POC
Oracle VM VirtualBox <4.3.12 - Unknown
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
CVE-2014-4971 EXPLOITDB ruby WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
EIP-2026-119687 EXPLOITDB html WORKING POC
WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery
CVE-2014-4971 EXPLOITDB ruby WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2014-4076 EXPLOITDB python WRITEUP
Microsoft Windows Server 2003 SP2 - Privilege Escalation
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
CVE-2014-4971 EXPLOITDB python WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2014-4971 EXPLOITDB text WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2014-2477 EXPLOITDB ruby WORKING POC
Oracle VM VirtualBox <4.3.12 - Unknown
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
CVE-2015-5466 EXPLOITDB HIGH text WORKING POC
XGI WindowsXP Display Manager <6.14.10.1090 - Privilege Escalation
Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call.
CVSS 7.8
CVE-2015-6923 EXPLOITDB text WRITEUP
VBox Communications Satellite Express Protocol <2.3.17.3 - Privileg...
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call.
EIP-2026-112346 EXPLOITDB text WORKING POC
Sophos Web Appliance 4.2.1.3 - Remote Code Execution
CVE-2011-1513 EXPLOITDB text WORKING POC
e107 CMS <0.7.24 - Code Injection
Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
EIP-2026-103282 EXPLOITDB python WORKING POC
HPE VAN SDN 2.7.18.0503 - Remote Root
CVE-2018-15768 EXPLOITDB MEDIUM python WORKING POC
Dell OpenManage Network Manager - Incorrect Permission Assignment
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
CVSS 6.5
EIP-2026-103142 EXPLOITDB ruby WORKING POC
HP VAN SDN Controller - Root Command Injection (Metasploit)
EIP-2026-103007 EXPLOITDB text WORKING POC
Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation
CVE-2016-6434 EXPLOITDB HIGH text WRITEUP
Cisco Firepower Management Center 6.0.1 - Info Disclosure
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
CVSS 7.8
CVE-2016-6433 EXPLOITDB HIGH text WORKING POC
Cisco Firepower Mgmt Cntr <6.0.1 - RCE
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
CVSS 8.8
EIP-2026-100919 EXPLOITDB html WORKING POC
Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery)
CVE-2016-6435 EXPLOITDB MEDIUM text WRITEUP
Cisco Firepower Management Center 6.0.1 - Info Disclosure
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
CVSS 6.5