bzyo

61 exploits Active since Mar 2014
CVE-2018-10078 EXPLOITDB MEDIUM text WORKING POC
Geist WatchDog Console 3.2.2 - XSS
Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description.
CVSS 4.8
CVE-2018-10077 EXPLOITDB MEDIUM text WORKING POC
Geist WatchDog Console 3.2.2 - Info Disclosure
XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data.
CVSS 4.9
CVE-2025-34078 METASPLOIT HIGH ruby WORKING POC
NSClient++ <0.5.2.35 - Privilege Escalation
A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file (nsclient.ini) stores the administrative password in plaintext and is readable by local users. By extracting this password, an attacker can authenticate to the NSClient++ web interface (typically accessible on port 8443) and abuse the ExternalScripts plugin to inject and execute arbitrary commands as SYSTEM by registering a custom script, saving the configuration, and triggering it via the API. This behavior is documented but insecure, as the plaintext credential exposure undermines access isolation between local users and administrative functions.
CVSS 7.8
CVE-2014-2206 METASPLOIT ruby WORKING POC
GetGo Download Manager <4.9.0.1982 - Buffer Overflow
Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header.
EIP-2026-119648 EXPLOITDB python WORKING POC
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
CVE-2018-10763 EXPLOITDB MEDIUM text WRITEUP
Synametrics Synaman - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
CVSS 4.8
CVE-2018-10814 EXPLOITDB HIGH text WRITEUP
Synametrics Synaman - Insufficiently Protected Credentials
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
CVSS 7.8
CVE-2018-10079 EXPLOITDB HIGH text WORKING POC
Geist WatchDog Console <3.2.2 - Info Disclosure
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml.
CVSS 7.8
EIP-2026-118604 EXPLOITDB python WORKING POC
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)
EIP-2026-117987 EXPLOITDB text WORKING POC
Sysax FTP Automation 6.9.0 - Privilege Escalation
EIP-2026-117952 EXPLOITDB text WORKING POC
Splinterware System Scheduler Pro 5.12 - Privilege Escalation
EIP-2026-117951 EXPLOITDB python WORKING POC
Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH)
EIP-2026-118095 EXPLOITDB text WORKING POC
WebLog Expert Enterprise 9.4 - Privilege Escalation
EIP-2026-117854 EXPLOITDB python WORKING POC
RGui 3.4.4 - Local Buffer Overflow
EIP-2026-117393 EXPLOITDB text WORKING POC
LabF nfsAxe 3.7 - Privilege Escalation
CVE-2018-9131 EXPLOITDB python WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
EIP-2026-116882 EXPLOITDB python WORKING POC
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)
EIP-2026-116743 EXPLOITDB python WORKING POC
AgataSoft Auto PingMaster 1.5 - Buffer Overflow (SEH)
EIP-2026-116881 EXPLOITDB python WORKING POC
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)
EIP-2026-117357 EXPLOITDB python WORKING POC
IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)
EIP-2026-117356 EXPLOITDB python WORKING POC
IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)
EIP-2026-117247 EXPLOITDB python WORKING POC
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)
EIP-2026-117145 EXPLOITDB text WORKING POC
exacqVision ESM 5.12.2 - Privilege Escalation
EIP-2026-117076 EXPLOITDB python WORKING POC
Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow
EIP-2026-116976 EXPLOITDB python WORKING POC
Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode)