Touhid M.Shaikh

39 exploits, active since Apr 2017
CVE-2016-1713 METASPLOIT HIGH ruby WORKING POC
Vtiger CRM 6.4.0 - RCE
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000.
CVSS 7.3
CVE-2019-25705 EXPLOITDB HIGH python WORKING POC
Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries and paste it into the action field through the Rules dialog to trigger the overflow and overwrite the return address.
CVSS 8.4
CVE-2017-9426 EXPLOITDB CRITICAL text WORKING POC
Piwigo Facetag <0.0.3 - SQL Injection
ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action.
CVSS 9.8
CVE-2017-9425 EXPLOITDB MEDIUM text WORKING POC
Facetag extension 0.0.3 - XSS
The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action.
CVSS 6.1
CVE-2017-9243 EXPLOITDB MEDIUM text WORKING POC
Aries QWR-1104 - XSS
Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point.
CVSS 6.1
CVE-2017-9100 EXPLOITDB HIGH text WORKING POC
D-Link DIR-600M <3.04 - Auth Bypass
login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.
CVSS 8.8
CVE-2017-9080 EXPLOITDB HIGH text WRITEUP
PlaySMS 1.4 - RCE
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.
CVSS 8.8
CVE-2017-12853 EXPLOITDB HIGH html WORKING POC
Rtsindia Rwr-3g-100 Firmware - CSRF
The RealTime RWR-3G-100 Router, Firmware Version Ver1.0.56, is affected by CSRF, an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
CVSS 8.8
CVE-2017-18048 METASPLOIT HIGH ruby WORKING POC
Monstra - Unrestricted File Upload
Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not.
CVSS 8.8
CVE-2020-8644 METASPLOIT CRITICAL ruby WORKING POC
PlaySMS <1.4.3 - XSS
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
CVSS 9.8
CVE-2015-6000 METASPLOIT HIGH ruby WORKING POC
Vtiger CRM <6.3.0 - RCE
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/.
CVSS 8.8
CVE-2018-7665 METASPLOIT CRITICAL ruby WORKING POC
Clip-bucket Clipbucket < 4.0.0 - Unrestricted File Upload
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
CVSS 9.8
CVE-2017-9101 METASPLOIT CRITICAL ruby WORKING POC
PlaySMS 1.4 - RCE
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
CVSS 9.8
CVE-2017-9080 METASPLOIT HIGH ruby WORKING POC
PlaySMS 1.4 - RCE
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.
CVSS 8.8
CVE-2017-1000119 METASPLOIT HIGH ruby WORKING POC
October CMS <build 412 - Code Injection
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality, resulting in compromise of the site and possibly of other applications on the server.
CVSS 7.2
EIP-2026-118466 EXPLOITDB text WRITEUP
Easy File Sharing Web Server 7.2 - Authentication Bypass
EIP-2026-118464 EXPLOITDB python WORKING POC
Easy File Sharing Web Server 7.2 - 'POST' Remote Buffer Overflow
EIP-2026-117078 EXPLOITDB python WORKING POC
Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow
EIP-2026-117059 EXPLOITDB python WORKING POC
DiskBoss Enterprise 8.4.16 - 'Import Command' Local Buffer Overflow
EIP-2026-117075 EXPLOITDB python WORKING POC
Dup Scout Enterprise 10.0.18 - 'Import Command' Local Buffer Overflow
EIP-2026-117101 EXPLOITDB python WORKING POC
Easy RM RMVB to DVD Burner 1.8.11 - Local Buffer Overflow (SEH)
EIP-2026-117112 EXPLOITDB python WORKING POC
Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Local Buffer Overflow (SEH)
EIP-2026-115151 EXPLOITDB python WORKING POC
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow (PoC)
EIP-2026-113047 EXPLOITDB text WORKING POC
VehicleWorkshop - Arbitrary File Upload
CVE-2016-1713 EXPLOITDB HIGH ruby WORKING POC
Vtiger CRM 6.4.0 - RCE
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000.
CVSS 7.3