Metin Yunus Kandemir (kandemir)

9 exploits Active since Apr 2019
CVE-2019-25647 EXPLOITDB HIGH python WORKING POC
PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them to establish reverse shell connections and execute system commands.
CVSS 8.8
CVE-2019-25452 EXPLOITDB HIGH text WORKING POC
Dolibarr ERP/CRM 10.0.1 - SQL Injection
Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit crafted POST requests with malicious SQL payloads in the elemid parameter to extract sensitive database information using error-based or time-based blind SQL injection techniques.
CVSS 7.5
CVE-2019-25450 EXPLOITDB HIGH text WORKING POC
Dolibarr ERP/CRM 10.0.1 - SQL Injection
Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demand_reason_id, and availability_id in card.php endpoints to extract sensitive database information using boolean-based blind, error-based, and time-based blind techniques.
CVSS 7.5
CVE-2021-47904 EXPLOITDB HIGH python WORKING POC
PhreeBooks 5.2.3 - Authenticated RCE
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.
CVSS 8.8
CVE-2019-14427 EXPLOITDB MEDIUM text WORKING POC
WEB STUDIO Ultimate Loan Manager 2.0 - XSS
XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.
CVSS 6.1
EIP-2026-112030 EXPLOITDB python WORKING POC
Shopping Portal ProVersion 3.0 - Authentication Bypass
EIP-2026-107621 EXPLOITDB python WORKING POC
Hospital Management System 4.0 - Authentication Bypass
CVE-2019-16197 EXPLOITDB MEDIUM text WORKING POC
Dolibarr 10.0.1 - XSS
In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags, leading to XSS.
CVSS 6.1
CVE-2019-11354 EXPLOITDB HIGH text WORKING POC
Origin 10.5.36 - RCE
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
CVSS 7.8