Victor Mondragón

58 exploits Active since Jan 2026
CVE-2019-25593 EXPLOITDB MEDIUM python WORKING POC
jetCast Server 2.0 Denial of Service via Log Directory
jetCast Server 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Log directory configuration field. Attackers can paste a buffer of 5000 characters into the Log directory input, then click Start to trigger a crash that terminates the server process.
CVSS 5.5
CVE-2019-25589 EXPLOITDB MEDIUM python WORKING POC
ZOC Terminal 7.23.4 Buffer Overflow Denial of Service
ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when accessing the Command Shell feature.
CVSS 6.2
CVE-2019-25588 EXPLOITDB MEDIUM python WORKING POC
BulletProof FTP Server 2019.0.0.50 Denial of Service via DNS Address
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes to trigger a crash when the Test function is invoked.
CVSS 6.2
CVE-2019-25587 EXPLOITDB MEDIUM python WORKING POC
BulletProof FTP Server 2019.0.0.50 Storage-Path Denial of Service
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer of 500 bytes or more to trigger an application crash when saving the configuration.
CVSS 6.2
CVE-2019-25586 EXPLOITDB MEDIUM python WORKING POC
Deluge 1.3.15 Denial of Service via URL Field
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash.
CVSS 6.2
CVE-2019-25585 EXPLOITDB MEDIUM python WORKING POC
Deluge 1.3.15 Denial of Service via Webseeds Field
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.
CVSS 6.2
CVE-2019-25584 EXPLOITDB MEDIUM text WORKING POC
RarmaRadio 2.72.3 Server Field Buffer Overflow Denial of Service
RarmaRadio 2.72.3 contains a buffer overflow vulnerability in the Server field of the Network settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a malicious payload exceeding 4000 bytes into the Server field via the Settings menu to trigger an application crash.
CVSS 6.2
CVE-2019-25583 EXPLOITDB MEDIUM text WORKING POC
RarmaRadio 2.72.3 Username Field Denial of Service
RarmaRadio 2.72.3 contains a denial of service vulnerability in the Username field that allows local attackers to crash the application by submitting excessively long input. Attackers can paste a buffer of 5000 bytes into the Username field via Settings > Network to trigger an application crash.
CVSS 6.2
CVE-2021-47890 EXPLOITDB HIGH text WRITEUP
LogonExpert 8.1 - Privilege Escalation
LogonExpert 8.1 contains an unquoted service path vulnerability in the LogonExpertSvc service running with LocalSystem privileges. Attackers can exploit the unquoted path to place malicious executables in intermediate directories, potentially gaining elevated system access during service startup.
CVSS 7.8
CVE-2021-47889 EXPLOITDB HIGH text WRITEUP
Softros LAN Messenger 9.6.4 - Code Injection
Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\' to inject malicious executables and escalate privileges.
CVSS 7.8
EIP-2026-116380 EXPLOITDB python WORKING POC
TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)
EIP-2026-116319 EXPLOITDB python WORKING POC
SpotMSN 2.4.6 - Denial of Service (PoC)
EIP-2026-116320 EXPLOITDB python WORKING POC
SpotMSN 2.4.6 - Denial of Service (PoC)
EIP-2026-116657 EXPLOITDB python WORKING POC
ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
EIP-2026-116656 EXPLOITDB python WORKING POC
ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
EIP-2026-116653 EXPLOITDB python WORKING POC
ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
EIP-2026-116652 EXPLOITDB python WORKING POC
ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
EIP-2026-116381 EXPLOITDB python WORKING POC
TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)
EIP-2026-115973 EXPLOITDB python WORKING POC
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
EIP-2026-115972 EXPLOITDB python WORKING POC
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
EIP-2026-115115 EXPLOITDB python WORKING POC
Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)
EIP-2026-115141 EXPLOITDB python WORKING POC
DHCP Server 2.5.2 - Denial of Service (PoC)
EIP-2026-115140 EXPLOITDB python WORKING POC
DHCP Server 2.5.2 - Denial of Service (PoC)
EIP-2026-115124 EXPLOITDB python WORKING POC
Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)
EIP-2026-115123 EXPLOITDB python WORKING POC
Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)