Richard Warren

4 exploits Active since Jul 2013
CVE-2024-37404 METASPLOIT HIGH ruby WORKING POC
Ivanti Connect Secure Authenticated Remote Code Execution via OpenSSL CRLF Injection
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
CVSS 8.8
CVE-2020-8260 METASPLOIT HIGH ruby WORKING POC
Pulse Connect Secure <9.1R9 - Authenticated RCE
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.
CVSS 7.2
CVE-2013-3803 EXPLOITDB text WRITEUP
Oracle Hyperion <11.1.2.305 - Info Disclosure
Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129 and earlier, and 11.1.2.2.305 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Intelligence Service.
EIP-2026-113594 EXPLOITDB text WRITEUP
WordPress Plugin Better WP Security 3.4.8/3.4.9/3.4.10/3.5.2/3.5.3 - Persistent Cross-Site Scripting