Pierre Kim

8 exploits Active since Apr 2011
CVE-2015-7944 EXPLOITDB HIGH perl WORKING POC
Ganeti <2.9.7-2.15.2 - DoS
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service (resource consumption) via SSL parameter renegotiation.
CVSS 7.5
CVE-2011-0997 EXPLOITDB text WORKING POC
ISC Dhcp - Improper Input Validation
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
CVE-2015-7945 EXPLOITDB HIGH perl WORKING POC
Ganeti <2.9.7-2.15.2 - Info Disclosure
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.
CVSS 7.5
EIP-2026-102122 EXPLOITDB text WRITEUP
WiseGiga NAS - Multiple Vulnerabilities
CVE-2017-8225 EXPLOITDB CRITICAL c WORKING POC
Wificam Wireless IP Camera (p2p) Firm... - Insufficiently Protected Credentials
On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI.
CVSS 9.8
EIP-2026-101509 EXPLOITDB text WRITEUP
8 TOTOLINK Router Models - Backdoor Access / Remote Code Execution
EIP-2026-101508 EXPLOITDB text WORKING POC
4 TOTOLINK Router Models - Cross-Site Request Forgery / Cross-Site Scripting
EIP-2026-101507 EXPLOITDB text WRITEUP
4 TOTOLINK Router Models - Backdoor Credentials