Soroush Dalili

42 exploits, active since May 2005
CVE-2024-40711 NOMISEC CRITICAL WORKING POC
Veeam Backup & Replication 12.0.0.1420 through 12.2.0.334 - Deserialization RCE
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
55 stars
CVSS 9.8
CVE-2024-40711 NOMISEC CRITICAL WORKING POC
Veeam Backup & Replication 12.0.0.1420 through 12.2.0.334 - Deserialization RCE
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
42 stars
CVSS 9.8
CVE-2023-36899 NOMISEC HIGH WRITEUP
ASP.NET - Privilege Escalation
ASP.NET Elevation of Privilege Vulnerability
32 stars
CVSS 8.8
CVE-2022-23277 NOMISEC HIGH WORKING POC
Microsoft Exchange Server ChainedSerializationBinder RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
9 stars
CVSS 8.8
CVE-2019-7214 NOMISEC CRITICAL WORKING POC
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
3 stars
CVSS 9.8
CVE-2019-7214 NOMISEC CRITICAL WORKING POC
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
1 star
CVSS 9.8
CVE-2019-7214 NOMISEC CRITICAL WORKING POC
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
1 star
CVSS 9.8
CVE-2019-7214 NOMISEC CRITICAL WORKING POC
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
CVSS 9.8
CVE-2022-41040 METASPLOIT HIGH ruby WORKING POC
Microsoft Exchange ProxyNotShell RCE
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS 8.8
CVE-2010-2731 METASPLOIT ruby WORKING POC
Microsoft IIS 5.1 - Auth Bypass
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
CVE-2013-7331 METASPLOIT MEDIUM ruby WORKING POC
Microsoft XMLDOM - Info Disclosure
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.
CVSS 6.5
CVE-2020-0618 METASPLOIT HIGH ruby WORKING POC
Microsoft SQL Server - Insecure Deserialization
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
CVSS 8.8
CVE-2020-0646 METASPLOIT CRITICAL ruby WORKING POC
Microsoft .NET Framework - Remote Code Execution
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
CVSS 9.8
CVE-2022-41082 METASPLOIT HIGH ruby WORKING POC
Microsoft Exchange Server - RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS 8.0
CVE-2019-7214 METASPLOIT CRITICAL ruby WORKING POC
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
CVSS 9.8
CVE-2024-1800 METASPLOIT CRITICAL ruby WORKING POC
Progress Telerik Report Server - Insecure Deserialization
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
CVSS 9.9
CVE-2020-1147 METASPLOIT HIGH ruby WORKING POC
Microsoft .NET Core < 15.9 - Remote Code Execution
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
CVSS 7.8
CVE-2013-3346 METASPLOIT CRITICAL ruby WORKING POC
Adobe Acrobat < 9.5.5 - Out-of-Bounds Write
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVSS 9.8
CVE-2013-3346 METASPLOIT CRITICAL ruby WORKING POC
Adobe Acrobat < 9.5.5 - Out-of-Bounds Write
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVSS 9.8
EIP-2026-119374 EXPLOITDB text WRITEUP
GleamTech FileVista/FileUltimate 4.6 - Directory Traversal
EIP-2026-119404 EXPLOITDB text WRITEUP
Microsoft IIS - Short File/Folder Name Disclosure
CVE-2020-0646 EXPLOITDB CRITICAL ruby WORKING POC
Microsoft .NET Framework - Remote Code Execution
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
CVSS 9.8
CVE-2019-7214 EXPLOITDB CRITICAL python WORKING POC
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
CVSS 9.8
CVE-2010-2731 EXPLOITDB text WRITEUP
Microsoft IIS 5.1 - Auth Bypass
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
CVE-2005-2219 EXPLOITDB text WORKING POC
Hosting Controller 6.1 - Privilege Escalation
Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.