Maximiliano Vidal

31 exploits Active since May 2017
CVE-2017-14094 EXPLOITDB CRITICAL WORKING POC
Trend Micro Smart Protection Server <3.2 - Command Injection
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a cron job injection on a vulnerable system.
CVSS 9.8
CVE-2017-14097 EXPLOITDB CRITICAL WORKING POC
Trend Micro Smart Protection Server <3.2 - Info Disclosure
An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to decrypt contents of a database with information that could be used to access a vulnerable system.
CVSS 9.8
CVE-2017-9813 EXPLOITDB MEDIUM text WORKING POC
Kaspersky Anti-Virus for Linux File Server <8.0.4.312 - XSS
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).
CVSS 6.1
CVE-2018-1213 EXPLOITDB HIGH text WORKING POC
Dell Emc Isilon Onefs < 7.2.1.6 - CSRF
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability. A malicious user may potentially exploit this vulnerability to send unauthorized requests to the server on behalf of authenticated users of the application.
CVSS 8.8
CVE-2017-8852 EXPLOITDB HIGH python WORKING POC
Sapcar - Memory Corruption
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
CVSS 7.8
CVE-2018-6230 EXPLOITDB MEDIUM text WORKING POC
Trendmicro Email Encryption Gateway - SQL Injection
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
CVSS 6.8