Ricardo Jorge Borges de Almeida

5 exploits Active since Mar 2015
CVE-2013-10051 EXPLOITDB CRITICAL ruby WORKING POC
InstantCMS <1.6 - RCE
A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-supplied input passed via the look parameter is concatenated into a PHP expression and executed without proper sanitation. A remote attacker can exploit this flaw by sending a crafted HTTP GET request with a base64-encoded payload in the Cmd header, resulting in arbitrary PHP code execution within the context of the web server.
CVSS 9.8
CVE-2017-11467 METASPLOIT CRITICAL ruby WORKING POC
OrientDB <2.2.22 - RCE
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.
CVSS 9.8
CVE-2015-2208 METASPLOIT ruby WORKING POC
Avinu Phpmoadmin - Command Injection
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.
CVE-2013-10051 METASPLOIT CRITICAL ruby WORKING POC
InstantCMS <1.6 - RCE
A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-supplied input passed via the look parameter is concatenated into a PHP expression and executed without proper sanitation. A remote attacker can exploit this flaw by sending a crafted HTTP GET request with a base64-encoded payload in the Cmd header, resulting in arbitrary PHP code execution within the context of the web server.
CVSS 9.8
EIP-2026-104043 EXPLOITDB ruby WORKING POC
OrientDB 2.2.2 < 2.2.22 - Remote Code Execution (Metasploit)