Vahagn Vardanian

3 exploits Active since Mar 2018
CVE-2018-2380 NOMISEC MEDIUM WORKING POC
SAP Customer Relationship Management - Path Traversal
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
51 stars
CVSS 6.6
CVE-2018-2380 EXPLOITDB MEDIUM python WORKING POC
SAP Customer Relationship Management - Path Traversal
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
CVSS 6.6
CVE-2018-15961 EXPLOITDB CRITICAL text WORKING POC
Adobe Coldfusion - Unrestricted File Upload
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS 9.8