absolomb

6 exploits Active since Jul 2014
CVE-2014-4688 NOMISEC WORKING POC
pfSense <2.1.4 - Command Injection
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
1 stars
CVE-2014-4688 NOMISEC WORKING POC
pfSense <2.1.4 - Command Injection
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
CVE-2018-25255 EXPLOITDB HIGH python WORKING POC
10-Strike LANState 8.8 Local Buffer Overflow SEH
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that overflows the buffer, overwrites the SEH chain, and executes shellcode when the file is opened in the application.
CVSS 8.4
EIP-2026-116674 EXPLOITDB python WORKING POC
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
EIP-2026-116675 EXPLOITDB python WORKING POC
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
CVE-2014-4688 EXPLOITDB python WORKING POC
pfSense <2.1.4 - Command Injection
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.