Paras Bhatia

10 exploits Active since Dec 2025
CVE-2020-37049 EXPLOITDB HIGH python WORKING POC
Frigate 3 Professional 3.36.0.9 - Local Buffer Overflow via Command Line Input
Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through a specially crafted input sequence.
CVSS 8.4
CVE-2020-37042 EXPLOITDB HIGH python WORKING POC
Frigate Professional 3.36.0.9 - Buffer Overflow
Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow, enabling code execution and launching calculator as a proof of concept.
CVSS 8.4
CVE-2020-37040 EXPLOITDB HIGH python WORKING POC
Code Blocks 17.12 - Buffer Overflow
Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe.
CVSS 8.4
CVE-2020-37039 EXPLOITDB HIGH text WORKING POC
Frigate 2.02 - Denial of Service via Oversized Command Line Input
Frigate 2.02 contains a denial of service vulnerability that allows attackers to crash the application by sending oversized input to the command line interface. Attackers can generate a payload of 8000 repeated characters and paste it into the application's command line field to trigger an application crash.
CVSS 7.5
CVE-2020-37038 EXPLOITDB HIGH python WORKING POC
Code Blocks 20.03 - Denial of Service via FSymbols Search Field
Code Blocks 20.03 contains a denial of service vulnerability that allows attackers to crash the application by manipulating input in the FSymbols search field. Attackers can paste a large payload of 5000 repeated characters into the search field to trigger an application crash.
CVSS 7.5
CVE-2020-37036 EXPLOITDB HIGH python WORKING POC
RM Downloader 2.50.60 - Buffer Overflow
RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching calc.exe.
CVSS 8.4
CVE-2020-36882 EXPLOITDB HIGH python WORKING POC
Flexsense DiskBoss 7.7.14 - Unauthenticated Arbitrary File Upload via Search Files Directory Field
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application.
CVSS 7.5
CVE-2020-36881 EXPLOITDB HIGH python WORKING POC
Flexsense DiskBoss 7.7.14 - Buffer Overflow
Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field.
CVSS 7.8
EIP-2026-116828 EXPLOITDB python WORKING POC
ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow (DEP_ASLR Bypass) (PoC)
EIP-2026-115256 EXPLOITDB python WORKING POC
FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)