Shayan Sadigh - Security Researcher - Exploit Intelligence Platform

CVE-2014-5088 EXPLOITDB WRITEUP

status2k - Cross-Site Scripting via Username Parameter in login.php

Cross-site scripting (XSS) vulnerability in Status2k allows remote attackers to inject arbitrary web script or HTML via the username to login.php.

View Code

CVE-2014-5089 EXPLOITDB WRITEUP

status2k - Authenticated SQL Injection via log Parameter

SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary SQL commands via the log parameter.

View Code

CVE-2014-5090 EXPLOITDB WRITEUP

status2k - Authenticated Command Injection via Admin Panel Log Location Field

admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the Location field in Add Logs in the Admin Panel.

View Code

CVE-2014-5092 EXPLOITDB HIGH WRITEUP

status2k - Remote Command Execution via admin/options/editpl.php

Status2k allows Remote Command Execution in admin/options/editpl.php.

CVSS 8.8

View Code

CVE-2014-5093 EXPLOITDB CRITICAL WRITEUP

status2k - Insufficiently Protected Credentials via Unremoved Install Directory

Status2k does not remove the install directory allowing credential reset.

CVSS 9.8

View Code

CVE-2014-5082 EXPLOITDB WRITEUP

sphider < 1.3.6 - SQL Injection via site_id or url Parameter

Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and earlier, Sphider Pro, and Sphider-plus allow remote attackers to execute arbitrary SQL commands via the (1) site_id or (2) url parameter.

View Code

CVE-2014-5083 EXPLOITDB HIGH WRITEUP

sphider < 1.3.6 - Remote Code Execution via fwrite to conf.php

A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.

CVSS 8.8

View Code

CVE-2014-5084 EXPLOITDB HIGH WRITEUP

Sphider Pro 3.2 - Remote Code Execution via fwrite Parameter Injection

A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus.

CVSS 8.8

View Code

CVE-2014-5085 EXPLOITDB HIGH WRITEUP

Sphider Plus 3.2 - Remote Code Execution via fwrite to conf.php

A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro.

CVSS 8.8

View Code

CVE-2014-5086 EXPLOITDB HIGH WORKING POC

Sphider Pro and Sphider Plus < 3.2 - Remote Code Execution via fwrite to conf.php

A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider.

CVSS 8.8

View Code

CVE-2014-5091 EXPLOITDB CRITICAL text WRITEUP

status2k 2.5 - Remote Code Execution via Multies Parameter

A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code.

CVSS 9.8

View Code

CVE-2014-5081 EXPLOITDB CRITICAL text WORKING POC

sphider < 1.3.6, sphider-pro < 3.2, sphider-plus < 3.2 - Authentication Bypass

sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass

CVSS 9.8

View Code

CVE-2014-3206 EXPLOITDB CRITICAL text WORKING POC

Seagate BlackArmor NAS - Remote Code Execution via Session or Auth Name Parameter

Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.

CVSS 9.8

View Code

CVE-2014-3205 EXPLOITDB CRITICAL text WORKING POC

Seagate BlackArmor NAS 220 and 110 Firmware - Use of Hard-coded Credentials

backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user.

CVSS 9.8

View Code

CVE-2014-5087 EXPLOITDB CRITICAL text WORKING POC

Sphider < 1.3.6 - Remote Code Execution via admin/spiderfuncs.php

A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.

CVSS 9.8

View Code

CVE-2014-5094 EXPLOITDB text WRITEUP

status2k - Unauthenticated Sensitive Information Exposure via phpinfo Action

Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function.

View Code

CVE-2016-6272 EXPLOITDB HIGH text WORKING POC

Epic MyChart - XPath Injection via Help Topic Parameter

XPath injection vulnerability in Epic MyChart allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to help.asp. NOTE: this was originally reported as a SQL injection vulnerability, but this may be inaccurate.

CVSS 7.5

View Code