R-73eN

21 exploits Active since May 2014
CVE-2025-34119 EXPLOITDB HIGH python WORKING POC
EasyCafe Server <2.2.14 - Info Disclosure
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by absolute path. If the file exists and is accessible, its content is returned without authentication. This flaw allows attackers to retrieve sensitive files such as system configuration, password files, or application data.
CVE-2025-34119 METASPLOIT HIGH ruby WORKING POC
EasyCafe Server <2.2.14 - Info Disclosure
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by absolute path. If the file exists and is accessible, its content is returned without authentication. This flaw allows attackers to retrieve sensitive files such as system configuration, password files, or application data.
CVE-2013-4730 EXPLOITDB python WORKING POC
pcman's ftp server 2.0.7 - Unauthenticated Buffer Overflow via USER Command
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
CVE-2015-7767 EXPLOITDB python WORKING POC
Konica Minolta FTP Utility 1.0 - RCE
Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long USER command.
CVE-2015-2509 EXPLOITDB python WORKING POC
Windows Media Center - Remote Code Execution via Crafted MCL File
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."
EIP-2026-118133 EXPLOITDB python WORKING POC
WinRar 5.21 - SFX OLE Command Execution
EIP-2026-118213 EXPLOITDB python WORKING POC
ZTE PC UI USB Modem Software - Local Buffer Overflow
EIP-2026-118134 EXPLOITDB python WORKING POC
WinRar < 5.30 Beta 4 - Settings Import Command Execution
EIP-2026-117590 EXPLOITDB python WORKING POC
Microsoft Word 2007 - RTF Object Confusion (ASLR + DEP Bypass)
EIP-2026-116862 EXPLOITDB python WORKING POC
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
EIP-2026-117148 EXPLOITDB python WORKING POC
Express Zip 2.40 - Directory Traversal
EIP-2026-115955 EXPLOITDB python WORKING POC
Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow
EIP-2026-115170 EXPLOITDB python WORKING POC
Dual DHCP DNS Server 7.29 - Denial of Service
EIP-2026-110560 EXPLOITDB text WORKING POC
pfSense 2.2.5 - Directory Traversal
EIP-2026-107448 EXPLOITDB text WRITEUP
GoAutoDial CE 3.3 - Multiple SQL Injections / Command Injection
EIP-2026-107447 EXPLOITDB python WORKING POC
GoAutoDial CE 2.0 - Arbitrary File Upload
EIP-2026-103778 EXPLOITDB python WORKING POC
KeepNote 0.7.8 - Command Execution
CVE-2015-3306 EXPLOITDB python WORKING POC
ProFTPD 1.3.5 - Unauthenticated Arbitrary File Read and Write via mod_copy Site Commands
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
EIP-2026-102984 EXPLOITDB text WORKING POC
runAV mod_security - Arbitrary Command Execution
CVE-2016-5312 EXPLOITDB MEDIUM text WORKING POC
Symantec Messaging Gateway < 10.6.2 - Authenticated Path Traversal via ChartStream sn Parameter
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
CVSS 6.5
EIP-2026-101183 EXPLOITDB python WORKING POC
Billion 7700NR4 Router - Remote Command Execution