Rafael Pedrero

49 exploits Active since Apr 2018
CVE-2019-25666 EXPLOITDB MEDIUM python WORKING POC
SpotAuditor 3.6.7 Denial of Service Buffer Overflow
SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition.
CVSS 6.2
CVE-2019-25665 EXPLOITDB MEDIUM python WORKING POC
River Past Ringtone Converter 2.7.6.1601 Buffer Overflow DoS
River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to activation fields. Attackers can paste 300 bytes of data into the Email textbox and Activation code textarea via the Help menu's Activate dialog to trigger a denial of service condition.
CVSS 6.2
CVE-2019-25661 EXPLOITDB MEDIUM python WORKING POC
Remote Process Explorer 1.0.0.16 Local Buffer Overflow DoS
Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to the added computer, overwriting the SEH chain and corrupting exception handlers.
CVSS 6.2
CVE-2019-25660 EXPLOITDB MEDIUM python WORKING POC
LanHelper 1.74 Denial of Service via Buffer Overflow
LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service condition.
CVSS 6.2
CVE-2019-25659 EXPLOITDB MEDIUM python WORKING POC
ASPRunner Professional 6.0.766 Local Buffer Overflow DoS
ASPRunner Professional 6.0.766 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long project name. Attackers can paste 180 or more characters into the Project name field during project creation to trigger an application crash.
CVSS 6.2
CVE-2019-25658 EXPLOITDB MEDIUM python WORKING POC
a-Mac Address Change 5.4 Local Buffer Overflow DoS
a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click the Register button to trigger a denial of service crash.
CVSS 5.5
CVE-2018-25256 EXPLOITDB MEDIUM python WORKING POC
IP TOOLS 2.50 Local Buffer Overflow Denial of Service
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.
CVSS 5.5
CVE-2019-25667 EXPLOITDB MEDIUM python WORKING POC
TaskInfo 8.2.0.280 Denial of Service Buffer Overflow
TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to registration fields. Attackers can paste excessively long strings into the New User Name or New Serial Number textboxes in the Help menu's registration dialog to trigger a denial of service condition.
CVSS 6.2
CVE-2018-9861 WRITEUP MEDIUM WRITEUP
CKEditor Enhanced Image 4.5.10-4.9.1 - Cross-Site Scripting via Crafted IMG Element
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.
CVSS 6.1
CVE-2023-53944 EXPLOITDB MEDIUM text WORKING POC
EasyPHP Webserver 14.1 - Path Traversal
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read system files such as /windows/win.ini.
CVSS 6.5
CVE-2023-53941 EXPLOITDB CRITICAL text WORKING POC
EasyPHP Webserver 14.1 - Command Injection
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the app_service_control parameter. Attackers can send POST requests to /index.php?zone=settings with crafted app_service_control values to execute commands with administrative privileges.
CVSS 9.8
CVE-2023-53938 EXPLOITDB MEDIUM text WORKING POC
RockMongo 1.1.7 - Stored Cross-Site Scripting via Database, Collection, and Login Parameters
RockMongo 1.1.7 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple unencoded input parameters. Attackers can exploit the vulnerability by submitting crafted payloads in database, collection, and login parameters to execute arbitrary JavaScript in victim's browser.
CVSS 5.4
CVE-2023-7326 EXPLOITDB HIGH text WORKING POC
Epson Stylus SX510W < 2023-05-13 - Denial of Service via Malformed Query Parameters
The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting in the printer process shutting down or powering off, causing a denial of service condition.
CVE-2023-6425 EXPLOITDB MEDIUM text WORKING POC
BigProf Online Clinic Management System 2.2 - XSS
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/medical_records_view.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to store dangerous JavaScript payloads on the system that will be triggered when the page loads.
CVSS 6.3
CVE-2023-54341 EXPLOITDB MEDIUM text WORKING POC
Webgrind < 1.1 - Unauthenticated Reflected Cross-Site Scripting via File Parameter
Webgrind 1.1 and before contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts via the file parameter in index.php. The application does not sufficiently encode user-controlled inputs, allowing attackers to execute arbitrary JavaScript in victim's browsers by crafting malicious URLs.
CVSS 6.1
CVE-2023-54339 EXPLOITDB CRITICAL text WORKING POC
webgrind < 1.1 - Unauthenticated Remote Command Execution via dataFile Parameter
Webgrind 1.1 contains a remote command execution vulnerability that allows unauthenticated attackers to inject OS commands via the dataFile parameter in index.php. Attackers can execute arbitrary system commands by manipulating the dataFile parameter, such as using payload '0%27%26calc.exe%26%27' to execute commands on the target system.
CVSS 9.8
CVE-2023-54334 EXPLOITDB CRITICAL text WORKING POC
Explorer++ 1.3.5.531 - Buffer Overflow via Long File Name Argument
Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler (SEH) records that allows attackers to execute arbitrary code. Attackers can exploit the vulnerability by providing a long file name argument over 396 characters to corrupt the SEH chain and potentially execute malicious code.
CVSS 9.8
CVE-2021-47750 EXPLOITDB MEDIUM text WORKING POC
YouPHPTube <= 7.8 - Cross-Site Scripting via Signup RedirectUri Parameter
YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.
CVSS 6.1
CVE-2021-47749 EXPLOITDB MEDIUM text WORKING POC
YouPHPTube <= 7.8 - Unauthenticated Path Traversal via Lang Parameter
YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. Attackers can exploit the path traversal flaw in locale/function.php to include and view PHP files outside the intended directory by using directory traversal sequences.
CVSS 5.5
CVE-2019-8928 EXPLOITDB MEDIUM html WRITEUP
ManageEngine Netflow Analyzer Professional 7.0.0.2 - Stored Cross-Site Scripting via User Management Form Parameters
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
CVSS 6.1
CVE-2019-8927 EXPLOITDB MEDIUM html WRITEUP
ManageEngine Netflow Analyzer Professional 7.0.0.2 - Stored Cross-Site Scripting via Schedule Configuration Parameters
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11.
CVSS 6.1
CVE-2019-8926 EXPLOITDB MEDIUM html WRITEUP
ManageEngine Netflow Analyzer Professional 7.0.0.2 - Cross-Site Scripting via Administration Zone Popup Parameters
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
CVSS 6.1
CVE-2019-8925 EXPLOITDB MEDIUM html WRITEUP
ManageEngine Netflow Analyzer 7.0.0.2 Authenticated Path Traversal via CReportPDFServlet
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:\boot.ini value.
CVSS 4.3
CVE-2019-8923 EXPLOITDB CRITICAL html WORKING POC
XAMPP <= 5.6.8 - SQL Injection via cds-fpdf.php jahr Parameter
XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued.
CVSS 9.8
CVE-2018-18776 EXPLOITDB MEDIUM text WORKING POC
Microstrategy Web 7 - Cross-Site Scripting via ShowAll Parameter
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.
CVSS 6.1