PizzaHatHacker

9 exploits, active since Aug 2015
CVE-2016-2233 NOMISEC HIGH WORKING POC
Hexchat - Memory Corruption
Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message.
CVSS 7.5
CVE-2015-6522 METASPLOIT ruby WORKING POC
Wpsymposium WP Symposium < 15.7 - SQL Injection
SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.
CVE-2015-10140 METASPLOIT HIGH ruby WORKING POC
Ajax Load More < 2.8.1.2 - Auth Bypass
The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated user, such as a subscriber, to upload and delete arbitrary files.
CVSS 8.8
EIP-2026-114046 EXPLOITDB text WRITEUP
WordPress Plugin Simple Backup 2.7.11 - Multiple Vulnerabilities
CVE-2015-6522 EXPLOITDB text WORKING POC
Wpsymposium WP Symposium < 15.7 - SQL Injection
SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.
EIP-2026-113549 EXPLOITDB ruby WORKING POC
WordPress Plugin Ajax Load More < 2.8.2 - Arbitrary File Upload
EIP-2026-103951 EXPLOITDB ruby WORKING POC
JDownloader 2 Beta - Directory Traversal
CVE-2016-2087 EXPLOITDB HIGH python WORKING POC
Hexchat - Path Traversal
Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. (dot dot) in the server name.
CVSS 7.4
CVE-2016-2233 EXPLOITDB HIGH python WORKING POC
Hexchat - Memory Corruption
Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message.
CVSS 7.5