juan vazquez

645 exploits Active since Sep 2005
CVE-2013-4826 METASPLOIT ruby WORKING POC
HP Intelligent Management Center Exposure of Sensitive Information
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.
CVE-2012-0419 METASPLOIT ruby WORKING POC
Novell GroupWise <8.0 SP3, <2012 SP1 - Path Traversal
Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.
CVE-2012-2926 METASPLOIT CRITICAL ruby WORKING POC
Atlassian Bamboo < 3.3.4 - XML External Entity Injection
Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
CVSS 9.1
CVE-2012-5204 METASPLOIT ruby WORKING POC
HP iMC <5.2 E0401 - Info Disclosure
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1614.
CVE-2013-6785 METASPLOIT MEDIUM ruby WORKING POC
Supermicro IPMI < SMT_X9_315 Authenticated Path Traversal via url_redirect.cgi
Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter.
CVSS 4.3
CVE-2010-1587 METASPLOIT ruby WORKING POC
Apache ActiveMQ <5.3.2 and <5.4.0 - Info Disclosure
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
CVE-2012-5203 METASPLOIT ruby WORKING POC
HP iMC <5.2 E0401 - Info Disclosure
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1613.
CVE-2010-1587 METASPLOIT ruby WORKING POC
Apache ActiveMQ <5.3.2 and <5.4.0 - Info Disclosure
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
CVE-2012-4933 METASPLOIT ruby WORKING POC
Novell ZENworks Asset Management 7.5 - Info Disclosure
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a crafted rtrlet/rtr request for the HandleMaintenanceCalls function.
CVE-2012-4958 METASPLOIT ruby WORKING POC
Novell File Reporter 1.0.2 - Path Traversal
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
CVE-2012-4933 METASPLOIT ruby WORKING POC
Novell ZENworks Asset Management 7.5 - Info Disclosure
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a crafted rtrlet/rtr request for the HandleMaintenanceCalls function.
CVE-2013-3623 METASPLOIT ruby SCANNER
Supermicro Onboard IPMI CGI Vulnerability Scanner
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.
CVE-2012-5202 METASPLOIT ruby WORKING POC
HP Intelligent Management Center < 5.2 E0401 - Remote Information Disclosure, Data Modification, or Denial of Service
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1612.
CVE-2012-4957 METASPLOIT ruby WORKING POC
Novell File Reporter <1.0.2 - Path Traversal
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
CVE-2013-4823 METASPLOIT ruby WORKING POC
HP Intelligent Management Center and IMC Branch Intelligent Management System Software Module - Information Disclosure
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.
CVE-2014-0160 METASPLOIT HIGH ruby WORKING POC
OpenSSL 1.0.1-1.0.1f - Out-of-bounds Read via Heartbeat Extension
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVSS 7.5
CVE-2013-1814 METASPLOIT ruby WORKING POC
Apache Rave 0.11-0.20 - Authenticated Sensitive Information Exposure via User RPC API
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
CVE-2012-4554 METASPLOIT ruby WORKING POC
Drupal 7.x < 7.16 - Arbitrary File Read via OpenID Module XRDS DOCTYPE Declaration
The OpenID module in Drupal 7.x before 7.16 allows remote OpenID servers to read arbitrary files via a crafted DOCTYPE declaration in an XRDS file.
CVE-2005-4832 METASPLOIT ruby WORKING POC
Oracle Database Server 10g - SQL Injection
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
CVE-2012-6330 METASPLOIT ruby WORKING POC
Foswiki MAKETEXT Remote Command Execution
The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
CVE-2014-1691 METASPLOIT ruby WORKING POC
Horde Application Framework < 5.1.1 - Remote Code Execution via Serialized Object in _formvars
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
CVE-2013-3522 METASPLOIT ruby WORKING POC
vBulletin 5.0.0 Beta 11 and earlier - Authenticated SQL Injection via nodeid Parameter
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
CVE-2011-1900 METASPLOIT ruby WORKING POC
InduSoft Web Studio <7.0+Patch 1 - Path Traversal
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request.
CVE-2012-5692 METASPLOIT ruby WORKING POC
Invision Power Board 3.1.x-3.3.x core.php - Impact Unknown
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors.
CVE-2012-0694 METASPLOIT CRITICAL ruby WORKING POC
SugarCRM CE <= 6.3.1 - Code Injection
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code.
CVSS 9.8