Prasenjit Kanti Paul

31 exploits Active since Feb 2018
CVE-2022-34530 WRITEUP MEDIUM WRITEUP
Backdropcms Backdrop Cms < 1.22.0 - Password Reset Weakness
An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames.
CVSS 5.3
CVE-2022-35118 WRITEUP MEDIUM WRITEUP
Pyrocms < 3.9 - XSS
PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
CVSS 6.1
CVE-2018-9128 EXPLOITDB HIGH text WORKING POC
Dvd-x-player Dvd X Player - Memory Corruption
DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068.
CVSS 7.8
CVE-2018-7886 EXPLOITDB HIGH python WORKING POC
CloudMe <1.11.0 - Buffer Overflow
An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP reverse shell, or a crash. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-6892.
CVSS 7.8
CVE-2019-6146 EXPLOITDB MEDIUM text WRITEUP
Forcepoint Web Security < 8.5.4 - XSS
It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 (Medium) (/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS 6.1
CVE-2018-6936 EXPLOITDB MEDIUM text WORKING POC
D-link Dir-600m C1 Firmware - XSS
Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via the SSID or the name of a user account.
CVSS 5.4