juan vazquez

645 exploits Active since Sep 2005
EIP-2026-104763 EXPLOITDB ruby WORKING POC
PineApp Mail-SeCure - 'ldapsyncnow.php' Arbitrary Command Execution (Metasploit)
EIP-2026-104757 EXPLOITDB ruby WORKING POC
PHP IRC Bot pbot - 'eval()' Remote Code Execution (Metasploit)
CVE-2011-4275 EXPLOITDB ruby WORKING POC
iTop 1.1.181 and 1.2.0-RC-282 - Cross-Site Scripting via Multiple Input Vectors
Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted company name, (2) a crafted database server name, (3) a crafted CSV file, (4) a crafted copy-and-paste action, (5) the auth_user parameter in a suggest_pwd action to UI.php, (6) the c[menu] parameter to UniversalSearch.php, (7) the description parameter in a SearchFormToAdd_document_list action to UI.php, (8) the category parameter in an errors action to audit.php, or (9) the suggest_pwd parameter to UI.php.
CVE-2013-5576 EXPLOITDB ruby WORKING POC
Joomla! <2.5.14, <3.1.5 - Auth Bypass
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.
CVE-2014-1691 EXPLOITDB ruby WORKING POC
Horde Application Framework < 5.1.1 - Remote Code Execution via Serialized Object in _formvars
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
CVE-2012-3485 EXPLOITDB ruby WORKING POC
Tunnelblick < 3.3beta20 - Privilege Escalation via argv[0] Pathname Manipulation
Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
CVE-2012-4284 EXPLOITDB CRITICAL ruby WORKING POC
Viscosity 1.4.1 - Privilege Escalation via ViscosityHelper Path Validation Issue
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
CVSS 9.8
CVE-2013-1775 EXPLOITDB ruby WORKING POC
Mac OS X Sudo Password Bypass
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
CVE-2012-0507 EXPLOITDB CRITICAL ruby WORKING POC
Java AtomicReferenceArray Type Violation Vulnerability
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
CVSS 9.8
CVE-2013-2465 EXPLOITDB CRITICAL ruby WORKING POC
Java storeImageArray() Invalid Array Indexing Vulnerability
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
CVSS 9.8
EIP-2026-103926 EXPLOITDB ruby WORKING POC
HP SiteScope (Linux/Windows) - Remote Code Execution (Metasploit)
EIP-2026-103924 EXPLOITDB ruby WORKING POC
HP Data Protector - 'EXEC_INTEGUTIL' Remote Code Execution (Metasploit)
CVE-2015-1497 EXPLOITDB ruby WORKING POC
Persistent Systems Radia Client Automation <9.1 - RCE
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.
CVE-2014-1649 EXPLOITDB ruby WORKING POC
Symantec Workspace Streaming <7.5.0.749 - SSRF
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.
EIP-2026-104087 EXPLOITDB ruby WORKING POC
Squiggle 1.7 - SVG Browser Java Code Execution (Metasploit)
EIP-2026-104086 EXPLOITDB ruby WORKING POC
Splunk 5.0 - Custom App Remote Code Execution (Metasploit)
CVE-2013-1359 EXPLOITDB CRITICAL ruby WORKING POC
DELL SonicWALL Analyzer 7.0, GMS 4.1-7.0, UMA 5.1-7.0, ViewPoint 4.1-6.0 - Authentication Bypass
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account.
CVSS 9.8
CVE-2014-3914 EXPLOITDB ruby WORKING POC
Rocket ServerGraph 1.2 - Path Traversal
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to the fileRequestor servlet, execute arbitrary files via a .. (dot dot) in the query parameter in a (2) run or (3) runClear action to the fileRequestor servlet, (4) read arbitrary files via a readDataFile action to the fileRequestor servlet, (5) execute arbitrary code via a save_server_groups action to the userRequest servlet, or (6) delete arbitrary files via a del action in the fileRequestServlet servlet.
CVE-2013-1080 EXPLOITDB ruby WORKING POC
Novell ZENworks Configuration Management < 11.2.4 - Directory Traversal & Arbitrary File Upload
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
CVE-2012-0432 EXPLOITDB ruby WORKING POC
NetIQ eDirectory <8.8.7.2 - Buffer Overflow
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2011-3544 EXPLOITDB CRITICAL ruby WORKING POC
Java Applet Rhino Script Engine Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
CVSS 9.8
CVE-2013-0431 EXPLOITDB MEDIUM ruby WORKING POC
Oracle JRE 7 through Update 11 and OpenJDK 7 - Security Sandbox Bypass via JMX
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.
CVSS 5.3
CVE-2013-2423 EXPLOITDB LOW ruby WORKING POC
Oracle JRE - Improper Access Control
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager.
CVSS 3.7
CVE-2012-5088 EXPLOITDB ruby WORKING POC
Oracle Java SE <7.7 - Info Disclosure
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2012-5076 EXPLOITDB CRITICAL ruby WORKING POC
Java Applet AverageRangeStatisticImpl Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.
CVSS 9.8